The results of a recent test — Enterprise Advanced Security (EDR): Enterprise 2022 Q2 – DETECTION — were revealed in an SE Labs‘ report. The British company has been putting the security solutions of major vendors through their paces for several years now. In this latest test, our business product Kaspersky Endpoint Detection and Response Expert achieved an absolute 100% score in targeted attack detection and was awarded the highest possible rating – AAA.

This is not SE Labs’ first analysis of our products for protecting corporate infrastructure against sophisticated threats. The company previously ran its Breach Response Test (which we took part in in 2019). In 2021, our product was tested in their Advanced Security Test (EDR). Since then, the testing methodology has been tweaked, and the test itself has been divided into two parts: Detection and Protection. This time, SE Labs studied how effective security solutions are at detecting malicious activity. Besides Kaspersky EDR Expert, four other products took part in the test: Broadcom Symantec, CrowdStrike, BlackBerry, and another, anonymous, solution.

Grading system

The testing was made up of several checks, but to get a feel for the results, it will suffice to look at the Total Accuracy Ratings. This basically shows how well each solution detected attacks at different stages, and whether it pestered the user with false positives. For even greater visual clarity, the participating solutions were assigned an award: from AAA (for products with a high Total Accuracy Rating) to D (for the least effective solutions). As mentioned, our solution got a 100% result and an AAA rating.

The Total Accuracy Ratings consist of scores in two categories:

• Detection Accuracy: this takes into account the success of detecting each significant stage of an attack.
• Legitimate Software Rating: the fewer the false positives generated by the product, the higher the score.

There’s one other key indicator: Attacks Detected. This is the percentage of attacks detected by the solution during at least one of the stages, giving the infosec team a chance to respond to the incident.

How we were tested

Ideally, testing should reveal how the solution would behave during a real attack. With that in mind, SE Labs tried to make the test environment as life-like as possible. First, it wasn’t the developers who configured the security solutions for the test, but SE Labs’ own testers, who received instructions from the vendor – as clients’ infosec teams usually do. Second, the tests were carried out across the entire attack chain – from first contact to data theft or some other outcome. Third, the tests were based on the attack methods of four real and active APT groups:

• Wizard Spider, which targets corporations, banks and even hospitals. Among its tools is the banking Trojan Trickbot.
• Sandworm, which primarily targets government agencies and is infamous for its NotPetya malware, which masqueraded as ransomware, but in fact destroyed victims’ data beyond recovery.
• Lazarus, which became widely known after the large-scale attack on Sony Pictures in November 2014. Having previously focused on the banking sector, the group has recently set its sights on crypto-exchanges.
• Operation Wocao, which targets government agencies, service providers, energy and tech companies, and the healthcare sector.

Threat detection tests

In the Detection Accuracy test, SE Labs studied how effectively security solutions detect threats. This involved carrying out 17 complex attacks based on four real-world attacks by Wizard Spider, Sandworm, Lazarus Group, and Operation Wocao actors, in which four significant stages were highlighted, each of which consisted of one or more interconnected steps:

• Delivery/Execution
• Action
• Privilege Escalation/Action
• Lateral Movement/Action

The test logic does not require the solution to detect all events at any particular stage of the attack; it is enough to identify at least one of them. For example, if the product failed to notice how the payload got onto the device, but detected an attempt to run it, it successfully passed the first stage.

Delivery/Execution. This stage tested the solution’s capacity to detect an attack in its infancy: at the time of delivery — for example, of a phishing e-mail or malicious link — and execution of the dangerous code. In real conditions, the attack is usually stopped there, since the security solution simply doesn’t allow the malware to go any further. But for the purposes of the test, the attack chain was continued to see how the solution would cope with the next stages.

Action. Here, the researchers studied the solution’s behavior when attackers have already gained access to the endpoint. It was required to detect an illegitimate action by the software.

Privilege Escalation/Action. In a successful attack, the intruder attempts to gain more privileges in the system and cause even more damage. If the security solution monitors such events or the privilege escalation process itself, it’s awarded extra points.

Lateral Movement/Action. Having penetrated the endpoint, the attacker can try to infect other devices on the corporate network. This is known as lateral movement. The testers checked whether the security solutions detected attempts at such movement or any actions made possible as a consequence of it.

Kaspersky EDR Expert scored 100% in this segment; that is, not a single stage of any attack went unnoticed.

Legitimate Software Ratings

Good protection has to not only reliably repel threats, but also not prevent the user from using safe services. For this, the researchers introduced a separate score: the higher it was, the less often the solution mistakenly flagged legitimate websites or programs – especially popular ones – as dangerous.

Once again, Kaspersky EDR Expert got 100%.

Test results

Based on all the test results, Kaspersky Endpoint Detection and Response Expert was awarded the highest available rating: AAA. Three other products earned the same rating: Broadcom Symantec Endpoint Security and Cloud Workload Protection, CrowdStrike Falcon, and the anonymous solution. However, only we and Broadcom Symantec achieved a 100% score in the Total Accuracy Ratings.

That’s where independent testing comes in. Independent expert ratings can be trusted; they are what they say they are. To minimize randomness and get a more meaningful aggregate score, users should base their choice of security solution on several independent tests all at once. Testers don’t work together to compile an overall rating, however. So to make it easier for you to get a handle on all things AV-related, every year we combine the results of various independent studies into the Top 3 metric.

So, what is the Top 3 metric?

The metric is calculated on the basis of tests conducted by the world’s biggest and most reputable labs: AV-Comparatives, AV-Test, SELabs, MRG Effitas, Virus Bulletin, ICSA Labs, and PC Security Labs. We take into account both general and task-specific testing — for example, benchmarking of AV antiransomware performance, analysis of protection mechanisms for Android, measuring of false positives, and so on.

Each vendor’s products have three key stats: number of annual tests; number of top-three finishes; and number of first-place results. To make the results more balanced, companies that rarely reach out to independent experts (those with less than 35% participation rate in tests) are not included in the metric.

In 2017, well-known AV vendors such as Avast, AVG, Avira, BitDefender, ESET, F-Secure, G DATA, McAfee, Microsoft, Sophos, Symantec, Trend Micro, Kaspersky Lab, and many others featured in the Top 3 metric. 133 companies in total. See here for metric details and descriptions.

Top of the class

The undisputed leader over the past twelve months — for the fifth consecutive year! — is Kaspersky Lab. Our products not only were the most tested (86 times), but finished in the top three in 91% of all cases! In total, we scored 78 top-three hits and 72 firsts. For comparison: second-place BitDefender took part in just 61 tests and medaled in 44.

What’s the upshot?

So many golds for our products can mean only one thing: Thanks to Kaspersky Lab’s technological advancement and experience in the field of IT security, our solutions offer the most reliable protection for your devices against any threats, including the newest and most complex, and without crying wolf. And if you’re wondering which awards our products picked up in 2017, and what they mean, check out this post.

Choosing an antivirus solution can be a difficult task; many companies develop AV products, and each one likes to toot its own horn. All the same, you don’t have to take the developer at their word. To help users make an informed decision, independent testing labs regularly conduct research looking into whether a particular solution is good at identifying different malware types, if it runs fast, and whether it triggers false alarms.

Of course, we would like you to choose one of our solutions — but for the right reasons. So, in this post we’ll discuss the awards Kaspersky Lab products have received from independent testing labs. You can find details on the awards in an earlier post.

The most important point is that we receive awards from many test labs. Had Kaspersky Lab products received a bunch of awards from just one organization, the testers’ impartiality or the test’s accuracy could be brought into question. But here, most labs are in agreement. See for yourself:

February 21, 2019, update

In an annual report by independent test lab AV-Test, Kaspersky Lab products received a record number of awards: a total of eight certificates in four categories. Kaspersky Internet Security was honored with three prizes: Best Protection, Best Repair, and Best Usability.

In addition, two of our business products, Kaspersky Endpoint Security and Kaspersky Small Office Security, triggered the fewest false alarms. Our Small Office solution also won the Best Protection award, and Kaspersky Endpoint Security got Best Performance.

Finally, the free Kaspersky Virus Removal Tool was named Best Repair utility. Especially gratifying, Virus Removal Tool has now received this award five years running.

February 15, 2019, update

In AV-Comparatives’ independent report for 2018, Kaspersky Internet Security was named a Top Rated Product. Our solution received the maximum score in five out of seven tests and showed outstanding performance in the remaining two.

In addition, our product picked up separate awards in three special nominations: Kaspersky Internet Security was awarded Gold for Malware Removal, Silver for Lowest False Positives, and Bronze for Real-World Protection. AV-Comparatives also noted Kaspersky Internet Security’s user-friendly interface and wide range of additional features.

We congratulate @Kaspersky on receiving AV-Comparatives’ Top Rated Product Award, as well as other awards for individual tests in 2018.https://t.co/Ko931GFgZg pic.twitter.com/gjmlSrzmSo

— AV-Comparatives (@AV_Comparatives) February 15, 2019

January 31, 2019, update

Independent test laboratory AV-Test has awarded our family protection solution, Kaspersky Safe Kids for Windows, macOS, iOS and Android with three “Approved” certificates. As tests have revealed, Kaspersky Safe Kids is more effective than internal operating system tools in blocking inappropriate content. What’s more, Safe Kids can protect children from a wider variety of online dangers. For example, Safe Kids allows you to control private data transfer, protect family budget from online money traps, monitor for cyberbullying as well as help you watch for online grooming and more. As AV-Test experts found out, some of these features are unique to our Safe Kids protection software.

August 20, 2018, update

Kaspersky Internet Security has surpassed a host of rival solutions to receive the annual MRG Effitas Online Banking/Browser Security Award 2017/18 after consistently passing quarterly banking certification tests across a 12-month period. This is the fourth time in a row that our solutions have received this award – and we are the only one to claim it so many times in a row.

July 5, 2018, update

The latest MRG Effitas quarterly assessments showed that our products provide effective protection for both computers and smartphones. Kaspersky Internet Security received a Level 1 Certificate in the Online Banking test — the top award for antivirus software — neutralizing each and every one of more than 300 threats included in the test suite.

In the MRG Effitas 360 test, our solution once again proved to be 100% effective against ransomware and financial malware. Based on the results for the whole test cycle, Kaspersky Internet Security picked up a Level 1 Certificate.

Its mobile cousin Kaspersky Internet Security for Android also scored well and delivered the best performance in both test categories: Early Stage Detection, which tested the antivirus solution’s ability to neutralize threats immediately after download to the device, and Detection During Installation.

Kaspersky Anti-Targeted Attack Platform 2.0.0.122 (KATA) received two new quality certificates from ICSA Labs. During anti-targeted attack test rounds in Q1 and Q2 2018, our product left the competition trailing. For the fifth consecutive time, KATA posted the best result in this category, detecting all threats bar none with no false positives. No other solution in this class can boast of such success.

Meanwhile, SELabs gave its highest award to three of our products all at once. Kaspersky Internet Security neutralized more threats than any other product without a single false positive, becoming the best antivirus product for home PC. Kaspersky Small Office Security took gold for Small Business Anti-Virus Protection, and Kaspersky Endpoint Security for Windows did likewise for Enterprise Anti-Virus Protection. It’s worth noting that all three of our products notched up the highest possible score: 1,116 out of 1,116. No competitor solution achieved such towering results.

Last but not least, one of our most important results came in NSS Labs’ Advanced Endpoint Protection comparative analysis of 20 security products for business. During testing, Kaspersky Endpoint Security detected 99.4% of all threats, again with no false positives. Of particular note is the 100% protection against exploits, blended threats, and advanced evasion techniques, as well as the 100% result in HTTP attack scenarios and malware protection in documents and in offline mode.

As a result of this cumulative assessment, Kaspersky Endpoint Security received the top score in Security Effectiveness among all test participants. After factoring in the total cost of ownership, our solution was given the highly prized Recommended status.

March 21, 2018, update

AV-TEST results for 2017 show that our consumer and corporate products excelled once again, readily repeating last year’s success in the Best Performance, Best Repair, and Best Usability categories. Our flagship product — Kaspersky Internet Security — tops all three. The small business solution Kaspersky Small Office Security won acclaim for its performance, and Kaspersky Endpoint Security for large corporations was noted for the absence of false positives. This year too, the free Kaspersky Virus Removal Tool picked up the AV-TEST Best Repair award.

PC Magazine tested and evaluated our parental control solution, Kaspersky Safe Kids, awarding it four stars and calling it “an excellent choice.” The magazine noted that Safe Kids is affordable compared with similar products, and highlighted its flexible settings and impressive set of functions.

Tom’s Guide awarded three of our products. Kaspersky Internet Security received the Best Midrange Antivirus Product, Kaspersky Total Security was named the Best Premium Security Suite, and Kaspersky Internet Security for Mac was called the Best Antivirus for Mac.

March 1, 2018, update

Kaspersky Internet Security for Android placed first in AV-Test’s “The best antivirus software for Android” (January 2018). Our product got 6 out of 6 points for Protection and Usability, plus 1 extra point for Important Security Features.

Kaspersky Internet Security for Mac showed a 100% detection rate for MacOS malware in AV-Test’s “Antivirus Solutions for macOS Sierra.” Testers also highlighted its performance and low system load — the difference in performance between our security solution running and not running is less than 1%, which is unnoticeable in everyday use.

Our Windows flagship product, Kaspersky Internet Security, came in second in German Computer Bild magazine’s 2018 test.

February 19, 2018, update

Most tested, most awarded. In 2017 Kaspersky Lab products participated in 86 independent tests and reviews. Our products were awarded 72 firsts and achieved 78 top-three finishes. The Top 3 metric represents the aggregate scores achieved by over 80 well-known vendors in the security industry’s most respected, independent tests and reviews. Sustained performance across multiple tests and products gives a more meaningful assessment than a one-off performance in a single test.

February 8, 2018, update

Kaspersky Internet Security received MRG Effitas’ principal annual Online Banking/Browser Security Award for the third year in a row. This high level of security is maintained by the Safe Money component built into our security solution.

February 6, 2018, update

Our flagship solution, Kaspersky Internet Security, was awarded AV-Comparatives’ Outstanding Product Award 2017. This is the seventh year in a row our company has demonstrated the highest results on AV Comparatives’ tests. Actually, we are the first and only antivirus solution developer to have achieved such outstanding results.

January 10, 2018, update

PCMag awarded Kaspersky Anti-Virus its Editors’ Choice and named it a pick for Best Antivirus Protection of 2018. In another article, The Best Security Suites of 2018, Kaspersky Internet Security received the same accolade. It’s not the first time we received this award — our products earned the same awards a year earlier.

2016–2017 awards

There are many awards and certificates out there, and some companies are still summarizing the results of 2017, so hopefully, we’ll receive awards from them soon; we will update this post as they come in. For now, here is a list of the most important awards we have already received.

Consumer product awards

Our flagship security solution, Kaspersky Internet Security, participated in the largest number of tests and therefore received the most awards. To begin with, in AV-TEST’s annual analysis, Kaspersky Internet Security won in the Best Performance (more proof that Kaspersky doesn’t cause “lag”) and Best Usability categories, with the lowest false positive rate (i.e., Kaspersky doesn’t raise flags for no reason).

In addition to its top product awards, PCMag named Kaspersky Internet Security an Editors’ Choice. In 2016, AV Comparatives awarded us its Outstanding Security Product Medal and a good number of Advanced+ Certificates for various months, and MRG Effitas testers gave us certificates for passing two tests: an Online Banking Certification Test and the 360-degree Assessment & Certification. The first one means Kaspersky Internet Security is good at protecting online payments and other transactions, and the second one proves it is also good at protecting from a variety of threats, including ransomware. Details about MRG Effitas’ tests and our solutions’ performance on them can be found here.

Independent SE Labs also awarded Kaspersky Internet Security its highest rating, AAA, based on comparative testing. Finally, Virus Bulletin gave us a VB100 Certificate for Kaspersky Internet Security catching 100% of threats and raising zero false flags during its test.

Kaspersky Internet Security and Kaspersky Total Security are identical in terms of antivirus engines and security functions (you can learn about the differences between the two here), so you are safe to apply these awards to Total Security as well. They are the same solution, so it is just as reliable, works just as fast, and is just as accurate when distinguishing between malware and benign code. Kaspersky Total Security simply has several additional useful functions.

Kaspersky Anti-Virus has fewer functions and hasn’t participated in as many tests. However, that didn’t prevent it from winning PCMag’s Editors’ Choice award.

The mobile version of our protection solution, called Kaspersky Internet Security for Android, received the AV-TEST certificate.

Another product, Kaspersky Safe Kids, also received two AV-TEST certificates, one for the Android version and the other for the Windows version.

The free Kaspersky Virus Removal Tool was awarded AV-TEST’s Best Repair Award — in other words, the testers found it was the best at restoring a computer after an infection (though the best plan, of course, is not to get infected at all). A complete list of our awards can be found here.

Business product awards

Business products for both enterprises and small businesses received awards just as often as consumer-side applications did — or maybe even more often.

One of the most important was the 2017 Platinum Award from Gartner Peer Insights Customer Choice, awarded to Kaspersky Endpoint Security. That award means the users of our solution rated it highly for ease of use, reliability, simplicity of installation, and technical support desk professionalism.

Kaspersky Endpoint Security also received awards from AV-TEST for the lowest false alarms rate and best protection. SE Labs gave our app the highest rating, AAA, and Virus Bulletin gave it a VB100 Certificate, which we discussed above.

Our small business protection solution, Kaspersky Small Office Security, also received an impressive number of awards. AV-TEST gave it three awards: best protection, best performance, and fewest false alarms. The product also received SE Labs’ AAA rating.

Another of our products, Kaspersky Security for Linux Mail Server, received Virus Bulletin’s highest Spam+ Verified rating in spam blocking, for recognizing more than 99.8% of all spam messages.

Summing up

Everyone has the right to say their product is great, but to get a good idea of which protection is really better, don’t just take the developer’s word for it. This is why independent tests exist, and they show that Kaspersky Lab’s products won’t let you down; they are capable of detecting everything that should be detected, and they won’t bother you with false alarms or bog down your computer. You can read more about independent testing and our awards here.