Deutsch
English
Français
Español
- Share:
Endurance test of 15 security solutions for corporate users
Traditional testing can offer a decent picture of the effectiveness of any one security solution for companies at a given instant; yet, an endurance test is able to delve deeper. This is especially the case with the endurance test because it took place over a period of 6 months and it included both Windows 10 and 11. Many companies are looking to use the extended support for the now discontinued Windows 10, or they are in the process of migrating their systems to Windows 11. So it is vastly more relevant now to know how well the 15 solutions in the endurance test can provide protection to companies and their employees using either operating system.
put to an endurance test from March to August 2025
In today’s time, reliable cybersecurity can act as a company’s last line of defense in an emergency before financial damage threatens its very existence. Some recent cases exemplify that this claim is no exaggeration:
Collins Aerospace, a subsidiary of U.S.-based RTX Corporation, was recently adversely impacted by a cybersecurity incident, as reported in the article EU cyber authority confirms cyberattack on Berlin and London airports. It led to outages in the electronic check-in processes and baggage handling at the airports in Berlin and London, as well as in other European cities. This chaotic situation lasted for weeks, and some airports had to resort to manual check-in procedures for passengers using paper and pencil. Many flights were simply canceled and the financial damage was tremendous.
At the beginning of 2025, Fasana, a Germany-based napkin manufacturer, filed for bankruptcy after a cyberattack struck and paralyzed the company for weeks. KNP Logistics Group, a transport company based in the U.K. that had been in business for 158 years, was obliterated as the result of a ransomware attack. There may have been additional reasons why these companies were forced out of business, but there is one thing that they all have in common: the inability to handle the consequences of a cyberattack.
This is why companies need to ensure the highest level of cybersecurity possible. The endpoint security solution, which many have declared as dead, still forms the core of security solutions for companies. And now a new concern arises: Microsoft will no longer provide companies with security updates for their Windows 10 systems unless they first register for extended security updates (ESU). Some companies are only now starting to plan the migration of their systems to Windows 11. But does the customer’s specific endpoint solution protect their clients under the new version of Windows just as reliably as under the old version? This question is the focus of the current endurance test with 15 solutions for corporate users. The test took place from March to August 2025 and evaluated the products under Windows 10 and 11.
Solutions for companies were subjected to 6 months of testing in the lab. 5 solutions completed the test with the highest score of 18 points
The detection tests show how well the products for corporate users can defend against malware. 7 solutions stood out with a perfect score
Each product was able to show off its capabilities in the test areas of protection, performance and usability in the six test rounds from March to August. The lab awards up to 6 points for each area. Each solution is able to achieve a maximum of 18 points – a feat that some actually managed!
The test included 15 endpoint solutions from Avast, Bitdefender, ESET, HP Security, Huawei, Kaspersky (with two versions), Legendsec, Microsoft, Microworld, Qualys, Seqrite, Sophos, Trellix and WithSecure. Five of the products tested even earned the maximum possible: 18 points.
Excellent reliable detection of malware under Windows 10 and 11
The lab carefully analyzed the applications’ performance in detecting malware over a period of 6 months. The extensive test is conducted in two stages. The real-world test is the first stage. In it, the lab uses more than 2,000 samples of zero-day malware, which are continually emerging online or from emails. To this end, the lab operates its own honeypots. The second stage of testing employs a reference set of more than 55,000 samples of malware that have been circulating online for days or even weeks. Accordingly, the security solutions should be aware of the existence of these files – that is, at least, if the manufacturers have been keeping their malware databases up to date.
7 solutions demonstrated an impressive error-free performance in both stages of the endurance test. The endpoint products from Bitdefender, ESET, HP Security, Kaspersky (with both versions), Microsoft and WithSecure each consistently defeated the attacks 100 percent of the time.
The products from Avast, Qualys and Trellix fended off 99.9 percent in the test for zero-day malware, whereas they aced the tests with the reference set with flying colors. Close behind is Sophos, which also made minor errors in the second stage of testing, netting the solution a result of 99.9 percent in each stage.
The solutions for corporate users from Microworld, Legendsec, Seqrite and Huawei performed error-free in the test with the reference set. However, they had issues with detecting the zero-day malware. The detection rates for these products were between 99.6 and 99.0 percent, and they had important points taken off as a result.
How resource-intensive do the endpoint solutions work?
Not all of the computers used in many companies are always up to date. An office computer is usually sufficient for daily work. In keeping with this, it is important for a security solution to only need a small amount of system resources when running on Windows 10 and 11. To evaluate this, the AV-TEST lab uses a high-end computer and a regular office computer without an installed security solution for each product in the test. The testers then perform typical office tasks on the systems. In the endurance test, they surf the Internet visiting around 400 websites, download nearly 150 files and install and launch around 300 apps. As a final step in the test procedure, the testers also copy nearly 30,000 files onto the local system as well as onto the network. The time required for these tasks establishes the basis for the reference time. Now the testers install a security solution on the computers and then carry out the procedure a second time. Ideally, the time recorded should be only slightly longer than without a security solution.
The 8 endpoint packages from Avast, Kaspersky (both versions), Legendsec, Microsoft, Qualys, Seqrite and WithSecure demonstrated how a simple office computer can be well-protected. For their high level of performance, they all received the full 6 points.
The solutions from ESET, Microworld and Trellix occasionally placed more of a strain on system resources, which led to a slight deduction: 5.8 out of 6 points. However, the deduction was greater for the solutions from HP Security and Huawei: 5.7 points.
Only the security packages from Bitdefender and Sophos taxed the systems slightly more, leading the testers to award them only 5.5 out of 6 points.
The security solution for companies scored only the highest points in each area in the 6-month endurance test, earning it the maximum score of 18 points
Excellent performance in all test areas means the endpoint solution earned 6 points times three for a total of 18 points – the maximum score possible
The security solution from Qualys for corporate users showed no weaknesses in the 6-month endurance test, thus achieving the full 18 points
Kaspersky’s smaller security solution for SMEs also achieved the best value of 18 points in the endurance test
The Finnish endpoint solution consistently demonstrated its ability to perform without errors in the endurance test, meaning it earned the full 18 points
The final result after 6 months of endurance testing for the Slovakian solution for companies is 17.8 points, just below the best score of 18 points
False alarms drive IT costs higher
A company’s IT security staff has to react every time a solution wrongly assesses a harmless file or application and sounds an alarm. In the worst case, the workstations are isolated from the others and production or office work grinds to a halt for safety reasons. Therefore, the AV-TEST lab checks how well the security suites distinguish between friend and foe in actual use.
The lab copies a set of constantly changing samples to the test systems with almost 950,000 harmless files and applications – amounting to a total of around 2.8 million – over the course of the endurance test. The testers also surf the Internet visiting 1,500 websites, as well as install and run around 250 applications. None of these actions should trigger an alarm since there is nothing hiding anywhere.
For 11 of the 15 evaluated solutions, the false-positive test ran perfectly, and all of the solutions received the full 6 points: Avast, Bitdefender, ESET, HP Security, Huawei, Kaspersky (both versions), Qualys, Sophos, Trellix and WithSecure.
The security packages for corporate users from Microsoft and Seqrite misidentified a few files or blocked applications: 5.8 out of 6 points. The situation was similar for Microworld: 5.7 points. Legendsec was the only product to cause false alarms too often, thus earning only 5.5 points.
Conclusion: 15 endpoint solutions put to an endurance test
The current endurance test provides a good overview of the performance of 15 endpoint solutions available on the market. The test outcome for the solutions from Avast, Kaspersky (both versions), Qualys and WithSecure is particularly good, with the products each achieving 18 out of 18 points in the overall results of the endurance test.
The solutions from ESET, Microsoft and Trellix followed with an excellent result of 17.8 points, and HP Security was close behind with 17.7 points. The rating for the other products is slightly lower, within a range of 17.2 and 17.6 points (out of 18 points). This only shows the high level of the security solutions available for corporate users.
