Corporate Protection: 17 Endpoint Solutions for Windows Are Put to the Test
Last year, negative reports concerning companies caught up in the attacks of the cyberwar between Ukraine and Russia hit the headlines time and time again. Some of these companies suffered collateral damage despite the fact they do not deliver any goods to either of the countries or are not involved in any production activities. In some cases, even using a service or technology targeted by an attack wreaked absolute havoc.
To ensure that companies are well equipped to fend off such side effects, it is essential that employees’ Windows computers in particular offer a perfect defense mechanism against cyberattacks. Against this background, the AV-TEST laboratory tested 17 security solutions currently available on the market for protecting staff computers with Windows in a corporate setting. The laboratory test was conducted in May and June 2023 using the Windows 10 Professional version common among corporate users. The test was performed twice in succession to obtain a meaningful result rather than just a snapshot.
17 solutions against thousands of malware samples
The laboratory evaluates all the products with the help of a comprehensive test in the categories of protection, performance and usability (which mainly concerns false alarms). The products are awarded up to 6 points for their performance in each of these categories. At the end of the test, a solution can therefore have received up to a maximum of 18 points. If a product achieves 17.5 or even all 18 points, it is not only awarded a certificate for tested security but also earns further recognition as a TOP PRODUCT.
The test line-up involved 17 products from the following manufacturers: AhnLab, Avast, Bitdefender (with two versions), Check Point, Kaspersky (with two versions), Malwarebytes, Microsoft, Seqrite, Sophos, Symantec, Trellix, Trend Micro, VMware, WithSecure and Xcitium.
A quick look at the final result reveals that many vendors offer solutions that are not just good but can also be labelled as TOP PRODUCTS. 15 of the 17 solutions examined received an additional award for particularly good results. Only two of the products tested fell short of the results of the top-rated solutions.
Endpoint solutions for more corporate protection
17 endpoint solutions put to the test
Fending off more than 16,5000 malware samples
The core task to be fulfilled by a security solution is fending off malware. In its protection test, the laboratory examines the solutions’ performance in not one but two test tasks. While the real-world test uses an attack with hundreds of samples of the latest zero-day malware, the laboratory also conducts a test using a reference set. This set contains more than 16,000 samples of malware that are already known but nonetheless very dangerous.
The products from the vendors AhnLab, Avast, Bitdefender (both versions), Check Point, Sophos, Symantec, Trellix and Trend Micro all achieved perfect defense results of 100 percent in both parts of the protection test.
Kaspersky and Microsoft each made minor errors over a month in the real-world test, in which they achieved a total of 99.3, but otherwise also reached the 100-percent mark.
While Xcitium only experienced slight problems when identifying the reference set, VMware, Seqrite and WithSecure had trouble detecting zero-day malware in the real-world test. Malwarebytes had problems in three of the four test segments. Half a point was therefore deducted from the results of each of these four vendors. All other products earned the full 6 points in this test.
The power of speed
To work effectively, employees require a work computer with a good performance. A well-functioning security solution should not impair this performance. In the past, tests have shown that some endpoint solutions work completely discreetly in the background, while others require far too many system resources. In this performance test, the laboratory yet again identified solutions that have too much of a load on the system.
For this test category, the laboratory completes common tasks on a high-end computer and an office computer, for example copying files, downloading items or opening websites. The time required is then used as a reference. Next, the laboratory installs the security solutions, performs identical actions and compares the time required for each task.
For 12 of the 17 endpoint products examined, the testers noticed virtually no additional load on the system and therefore awarded them the full total of 6 points: Avast, Bitdefender (both versions), Kaspersky (both versions), Microsoft, Symantec, Trellix, Trend Micro, Malwarebytes, Seqrite and WithSecure.
A small load was measured when using AhnLab, Check Point and Sophos. The testers therefore deducted half a point from each of these solutions, leaving them all with a nonetheless good total of 5.5 points.
The system load with Xcitium is larger, so this solution only received 5 points. The endpoint solution from VMware requires too many system resources and was therefore penalized with a point deduction of 1.5, resulting in a total of 4.5 points.
Trend Micro Apex One
Symantec Endpoint Security Complete
Trellix Endpoint Security
Kaspersky Endpoint Security
Avast Ultimate Business Security
Bitdefender Endpoint Security Ultra
Support stress due to false alarms
The laboratory uses the usability test category to summarize how the security packages handle harmless websites, applications and files. To do so, the experts install popular programs and launch them. They also copy more than 1.3 million executable but harmless files onto the test system. Finally, the testers visit 500 unproblematic websites.
In this test, the security protects should not sound any alarms because there is no danger involved. After all, such false positives always cause stress for corporate support teams.
In the current test, 16 of the 17 security products investigated displayed very successful friend or foe detection and therefore each received 6 points. Only Xcitium blocked one item of software that was actually legitimate and therefore only received 5.5 points.
Very good results in the May to June test
Corporate users often have different standards when it comes to what they want their endpoint solution to offer. This test is therefore the ideal focus on which they can base their decisions. After all the AV-TEST laboratory used this test to highlight the important values for protection, performance and usability. In the final results, 9 products achieved the maximum total of 18 points, while 6 other products received a very good result of 17.5 points. These 15 solutions therefore earned the additional recognition of TOP PRODUCT.
Many of the endpoint products examined in this test are also subjected to the advanced tests using dedicated ransomware and other attack scenarios. The so-called Advanced Threat Protection tests go a step further in terms of security checks.