Trend Micro Endpoint Comparative Report Performed by AV-Test.org


Results from May 2010

Executive Summary

In May of 2010, AV-Test.org performed endpoint security benchmark testing on five market-leading Enterprise endpoint solutions from Symantec, McAfee, Microsoft, Sophos and Trend Micro. Trend Micro added its Worry-Free Business Security product to this test in conjunction with its OfficeScan product. AV-Test.org tested zero-day attacks actually occurring in the wild by sourcing malicious URLs that had malware associated with them. The testing occurred simultaneously across all vendors' platforms to ensure no biases during the test runs. Products were configured to block or detect the threats at multiple levels, thereby giving each vendor maximum ability to protect against these threats. A new dynamic layer was added in this test, whereby any malicious files which were not blocked in previous layers were executed to determine if behavior/heuristic technologies could detect/block the threat as a last defense.

In these tests, Trend Micro emerged as the overall winner. Trend also demonstrated a decided advantage in blocking these threats at their source, the URL. With an overall score at blocking zero-day threats of 95 percent, the Trend Micro Worry-Free Business Security stands distinctly apart from other products, whose averages ranged from just 64 to 91 percent.

Overview

Traditionally, endpoint testing has been done by updating each product's signatures, removing the device from the network, and then copying a test set of malicious files onto the device to determine how many can be caught. That was fine when only a small number of malicious files were being introduced to the world, but today, according to the latest statistics from AV-Test.org, we're seeing over 1.5 million unique samples every month.

[Figure: New Unique Samples Added to AV-Test.org's Malware Collection. Axis: Unique Samples Added. Series: Growth, 3 Month Median, Forecast.]

Exposure Layer Detection and Blocking Reduces Risk

This volume of threats is creating issues for all vendors who attempt to keep up with these new emerging threats simply using file-based detection methods. File-based detection requires that each threat have an analogous signature file created and distributed by the antivirus company. Additionally, the majority of threats now come from the Internet via compromised webpages, BSEO (Blackhat Search Engine Optimization) and the use of social engineering. New technologies need to be used to combat these new threat vectors.

As such, AV-Test.org performed a more real-world test of endpoint solutions that doesn't just score how well a product can detect file-based threats (Infection Layer), but includes the ability to block the threat at its source (Exposure Layer) and detect/block the threat during execution (Dynamic Layer). The ability of a solution to source, analyze and block new threats that it cannot identify is becoming critical, due to the rapid rise in the amount of threats being released in the wild. Exposure Layer blocking reduces the risk to the network because fewer threats will impact network bandwidth, or require computing resources to block them at the endpoint. In this test, only threats that were not blocked by a previous layer were tested against the next layer, and so on.

Another aspect of the test performed by AV-Test.org is retesting after 1 hour to determine if any vendors have added new protection for threats missed in the initial run (a.k.a. "Time to Protect").

In May 2010, AV-Test.org tested five market-leading Enterprise endpoint solutions from Symantec, McAfee, Microsoft, Sophos and Trend Micro. The results of the test showed that Trend Micro was the overall winner, with a decided advantage in both Exposure layer protection and time to protect. As shown below, Trend Micro Worry-Free Business Security ranked #1 in Overall Protection against these leading vendors in number of threats blocked.

Note: Results are based on the T+60 minute results.

Products Tested

AV-Test.org tested the following five products during May 2010:

Trend Micro OfficeScan Client/Server Suite v10.0 SP1
Trend Micro Worry-Free Business Security Standard v6.0 SP2
Symantec Endpoint Protection v12.0.1001.95
Microsoft Forefront Client Security v1.5.1981.0
McAfee VirusScan Enterprise with Artemis and SiteAdvisor v8.7.0.570
Sophos Endpoint Security and Control v9.0.5

Results and Analysis

Trend Micro Worry-Free Business Security (WFBS) received the top ranking among all products.

NOTE: Prevention percentages at each layer do not add up to overall score. For example, with Trend Micro OfficeScan: Exposure layer prevented 150 of 200 threats (75%); Infection layer prevented 25 of 50 threats (50%); Dynamic layer prevented 4 of 25 threats; Overall prevented 179 of 200 threats (89.5%).

Trend Micro and Sophos appear to have the most robust technology to block threats at their source, thereby ensuring no file is downloaded prior to detection. This ensures these threats do not require bandwidth to download them, nor does the threat need to be detected at the machine layer, meaning this threat never entered the PC or network.

Microsoft performed the best at the Infection and Dynamic layers, which helped their overall score, but also means they are still focused on blocking threats using their signature-based or behavior-based detection methods. This could cause issues as more malicious files are released to the wild. Depending on file- and signature-based methods requires more work to create the signature files, distribute and update these files on each endpoint. As a result, the network and the endpoint computer resources will be increasingly used for protection, as threats multiply.

Overall, the scores are lower than you would normally see in many of today's tests. This may be due to the fact that the corpus of URLs and files were sourced very shortly prior to the test, thereby not allowing the vendors much time to obtain the samples through the normal industry sharing process.

Another aspect not widely known is that the underground cybercriminal industry provides services to developers for testing malicious files against the latest signatures from vendors. These tools allow cybercriminals some time before their malicious files can be detected. http://www.wired.com/threatlevel/2009/12/virus-check/

These issues require vendors to improve their ability to source, analyze and block unknown threats. For this reason, the methodology utilized by AV-Test.org in this test is to re-run the samples again after 1 hour. This gives vendors' products a chance to automatically source the threats which bypassed their technologies in the first run, analyze each of the URLs and files and ultimately provide protection prior to the next run. The plus one-hour tests should have improved if the products have built-in automation to manage this process.

NOTE: Time-to-protect improvement is the percentage of threats missed at T=0min that are subsequently prevented at T=60min. For example, with Trend Micro OfficeScan: At T=0min, 173 threats were prevented while 27 threats were missed. Of the 27 threats missed at T=0min, 8 were prevented at T=60min (8 of 27 equals 22.2%).

Trend Micro again proved it does a good job in this area, with Worry-Free Business Security improving 44% from the first test. This means that of the total number of threats undetected during the first run, 44% of them were blocked during the T+60 run.
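The layered scoring and time-to-protect calculation described in the two NOTEs above, as an added example that is not part of the AV-Test.org report. The function names and the per-sample record format are assumptions; the 200-sample list is constructed to match the OfficeScan layer counts quoted in the first NOTE, and the eight-sample pair of runs is constructed for illustration.

```python
from collections import Counter

# Layers in the order the report applies them; a sample reaches a layer
# only if every earlier layer missed it.
LAYERS = ("exposure", "infection", "dynamic")

def layered_scores(outcomes):
    """outcomes: one entry per sample, naming the layer that blocked it, or None.
    Returns {layer: (blocked, tested)} plus an 'overall' entry."""
    unknown = {o for o in outcomes if o is not None and o not in LAYERS}
    if unknown:
        raise ValueError(f"unknown layer(s): {sorted(unknown)}")
    blocked = Counter(o for o in outcomes if o is not None)
    remaining = len(outcomes)
    scores = {}
    for layer in LAYERS:
        scores[layer] = (blocked[layer], remaining)  # denominator shrinks per layer
        remaining -= blocked[layer]
    scores["overall"] = (len(outcomes) - remaining, len(outcomes))
    return scores

def time_to_protect(t0, t60):
    """Return (recovered, missed_at_t0, ratio) for two runs over the same samples."""
    if len(t0) != len(t60):
        raise ValueError("both runs must cover the same samples")
    missed = [i for i, o in enumerate(t0) if o is None]
    recovered = sum(1 for i in missed if t60[i] is not None)
    # Samples blocked at T=0 are ignored here even if they regress at T=60.
    return recovered, len(missed), (recovered / len(missed) if missed else None)

# Constructed to match the OfficeScan layer counts quoted in the report's NOTE.
OFFICESCAN = ["exposure"] * 150 + ["infection"] * 25 + ["dynamic"] * 4 + [None] * 21

# Constructed eight-sample pair of runs (not data from the report).
RUN_T0 = ["exposure", None, None, "infection", None, None, "exposure", "dynamic"]
RUN_T60 = ["exposure", "exposure", None, "infection", "infection", None, "exposure", "dynamic"]

if __name__ == "__main__":
    for name, (hit, tested) in layered_scores(OFFICESCAN).items():
        print(f"{name:9s} {hit:3d}/{tested:3d} = {100 * hit / tested:.1f}%")
    rec, missed, ratio = time_to_protect(RUN_T0, RUN_T60)
    print(f"time-to-protect: {rec}/{missed} = {100 * ratio:.1f}%")
```

Because each layer is scored only against what the previous layers missed, the per-layer percentages use different denominators and cannot be summed to obtain the overall figure.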

Rankings, Corpus, and Methodology

Scoring and Rankings

The overall scores were derived by adding up the total number of threats blocked by each solution, regardless of which layer blocked it. Note that these rankings do not consider performance, scalability, user interface, features, or functionality, only protection effectiveness against the May 2010 corpus.

The Corpus

AV-Test.org compiled the corpus for testing by searching the Internet for malicious URLs that have associated malware. For this test they sourced 200 malicious URL samples and the associated 200 malicious file samples to conduct the test. The URLs/files that AV-Test.org uses for testing are gathered from sites in the wild, using a variety of proprietary discovery, analysis, and verification techniques. They are neither supplied by, nor known to, any of the companies whose products were tested.

Test Methodology

The test methodology can be found at the following webpage: http://www.av-test.org/services_and_testing

In Summary

Some conclusions drawn from the data presented here:

1. Vendors like Trend Micro that have invested in and provided solutions that block threats at multiple layers (Exposure, Infection & Dynamic) provide better overall security against the new threats propagating today. They improve protection by keeping threats completely off the network or computer using proactive technologies like Web reputation instead of waiting for malicious files to be downloaded.

2. Zero-day threats are more difficult to defend against, which is why the overall scores are lower than traditional detection rate tests, and why the Time to Protect factor has to be included in any real-world tests. This shows the effectiveness of a vendor at sourcing, analyzing and providing protection for any previously unobserved threats.

This comparative review, conducted independently by AV-Test.org in May 2010, was sponsored by Trend Micro. AV-Test.org aims to provide objective, impartial analysis of each product based on hands-on testing in its security lab.