Endurance Test: 14 Security Solutions for Corporate Users
Much depends on a reliable protection solution for a company. That is why it is essential for a security solution to also demonstrate in an endurance probe how well it works and fends off attacks. The experts from AV-TEST examined 14 solutions for corporate users in an endurance test over a period of 6 months. All the tools exhibited impressively solid performance. Some products even achieved the maximum number of points.
The number of cyberattacks with malware has reached peak levels. The attacks often threaten not only the data of a company but also its existence. That is why a perfectly functioning security solution for corporate users is more important than ever. But which product shows the best performance in an endurance test on the front line, fending off the 24/7 wave of malware? The endurance test of security solutions for corporate users provides answers to this question. The latest endurance test examined 14 company solutions in the lab of AV-TEST for 6 months from March to August 2024 under Windows 10 and 11.
Each product showed its quality in the categories of protection, performance and usability in the six test rounds from March to August. In each test area, a product manufacturer can achieve up to 6 points from the testers for its performance month for month, thus a total of 18 points. At the end of an endurance test, the test team collates all the values and thus arrives at a well-structured average result in points. An additional table provides a summary view of the detection rates for the endpoint products. It shows the sum of all values from the real-world test with always brand-new malware and the findings of the tests with the AV-TEST reference set.
Included in the endurance test were the solutions of the following manufacturers: Avast, Bitdefender (with two versions), Check Point, ESET, HP Security, Kaspersky (with two versions), Microsoft, Qualys, Seqrite, Sophos, Trellix and WithSecure.
The 24/7/365-detection under Windows 10 and 11
Cyber attackers don't keep normal office hours. On the contrary: Studies show that most attacks occur during the night and on weekends. That is why protection software for companies must be ready around the clock, detecting attackers quickly and reliably. The lab at AV-TEST scrutinizes this point extensively. In the so-called real-world test, the lab sends dozens of brand-new attackers each month, mostly zero-day malware, to the Windows systems to be protected. In the second test phase with the AV-TEST reference set, the experts evaluate whether the protection systems also detect thousands of malware samples already known for days. These always include especially dangerous attackers. In numbers, this means in the endurance test: The products are required to fend off just under 1,000 zero-day attackers in the real-world test and over 50,000 malware samples in the reference sets.
This difficult task is perfectly handled by the products from Avast, Bitdefender (with both versions), Kaspersky (with both versions), Qualys and WithSecure. In all the tests, these solutions for corporate users detected each attacker without exception.
Check Point and Sophos also performed quite respectably. Both identified an excellent 99.9 percent in the real-world test and 100 percent in the reference sets.
While the products from ESET, HP Security, Microsoft and Seqrite did work error-free in the reference sets, they came in between 99.7 and 99.1 percent in the real-world test. Only Trellix committed minor false detections in both tests.
System load on Windows 10 and 11
Especially in an office environment, the performance of a client PC counts tremendously, as good protection by the security solution means employees shouldn't have to put up with inferior performance. In order to test this, the lab uses an office PC and a high-end PC for carrying out routine office tasks. This involves the lab team's calling up websites, carrying out installations and launching programs. In addition, data is copied locally and onto the network. Both PCs and the time required for the operations are used as a reference in the test. In the performance test, the lab repeated exactly the same operations with the security solutions installed under Windows 10 and 11.
The times recorded in most cases were excellent. The products from Bitdefender Endpoint Security, ESET, Kaspersky (with both versions), Microsoft and Seqrite caused almost no system load on the Windows client PC. For their performance in the endurance test carried out over a period of several months, they received the full 6 points.
The solutions from Avast, Check Point, Trellix and WithSecure demonstrated a slight load on the client and thus received 5.8 points on average. Qualys followed closely with 5.7 points. Bitdefender in the Enterprise version and HP Security each had half a point taken off on average due to their slight system load. They received 5.5 out of 6 points. Sophos showed in all months a somewhat greater load on the test clients and thus only achieved 5.3 out of 6 points.
The important topic of false alarms
Security teams in companies know what it means when a client reports a malware infection where none has actually occurred. These false positive alarms can be very costly. That is why the lab examines the behavior of the security solutions towards harmless software. To do so, each month it uses a variable set of over one million innocuous files for the test. In addition, the testers visit thousands of websites, and install and launch dozens of popular software packages.
In an ideal scenario, throughout the six-month endurance test, the products ought to report no false alarms or only in isolated cases – e.g. well under 5 false positives per million files. Nearly all the products achieved this excellent level of performance! In this test segment, 12 of the 14 solutions evaluated received the full 6 points. Only Trellix and HP Security flagged too many harmless files as threats. As a result, the two products still earned 5.8 and 5.7 points respectively out of a possible 6.
Conclusion: endurance test over 6 months
A regular certification test from AV-TEST already demonstrates how well security solutions perform for corporate users. The endurance test adds to these tests another important aspect: protection reliability over a longer period of time. The current endurance test over 6 months offers clear insights! Bitdefender Endpoint Security, ESET PROTECT Advanced, as well as Kaspersky Endpoint Security and Kaspersky Small Office Security, achieving the maximum 18 points, left no doubt as to their reliability in terms of protection, performance and usability.
Yet the solutions from Avast, Check Point, WithSecure, Microsoft, Qualys and Seqrite were in close competition at the highest level, with 17.8 and 17.7 points. Even the bottom of the table had nearly peak scores: Bitdefender (Version Enterprise) with 17.5 points, Trellix and Sophos with 17.4 and. 17.3 points. Even the last-place finisher, HP Security, achieved an excellent 17 out of 18 points.