Our Kaspersky Standard security solution was named Product of the Year 2023 after in-depth testing by AV-Comparatives

What does “Product of the Year” actually mean?

The tests were carried out on our basic security solution for home users — Kaspersky Standard — but its outstanding results apply equally to all our endpoint products. The reason is simple: all our solutions use the same detection and protection technologies stack that was thoroughly tested by AV-Comparatives.

Thus, this top award, Product of the Year 2023, applies equally to our more advanced home protection solutions — Kaspersky Plus and Kaspersky Premium — and also our business products, such as Kaspersky Endpoint Security for Business and Kaspersky Small Office Security.

So what does it take to earn the coveted Product of the Year title?

A security solution needs to take part in seven tests throughout the year and consistently achieve the highest Advanced+ score in each of them. These tests examine the quality of protection against common threats and targeted attacks, resistance to false positives, and the impact on overall system performance. This golden triad of metrics forms the basis of a comprehensive evaluation of security solution performance.

That the testing is continuous over the course of a year is important since malware developers hardly sit around twiddling their thumbs — new threats emerge all the time, and existing ones evolve with breathtaking speed. Consequently, security solution developers must keep moving forward at the same pace. That’s why assessing performance at a single point in time is misleading — to get a true picture of a solution’s effectiveness requires extensive and repeated testing all year long. Which is precisely what AV-Comparatives does.

AV-Comparatives examined 16 security solutions from the largest vendors in its tests. Winning such a significant contest clearly demonstrates the highest level of protection provided by our products.

The seven rounds of tests — some of which individually lasted several months — that our protection took part in to eventually win the Product of the Year award were the following:

1. March 2023: Malware Protection Test spring series
2. April 2023: Performance Test spring series
3. February–May 2023: Real-World Protection Test first series
4. September 2023: Malware Protection Test autumn series
5. September–October 2023: Advanced Threat Protection Test
6. October 2023: Performance Test autumn series
7. July–October 2023: Real-World Protection Test second series

To earn AV-Comparatives’ Product of the Year title, a security solution needs to get the highest score in each stage of testing. And our product rose to the challenge: in each of the tests listed above, Kaspersky Standard scooped the top score — Advanced+.

The Product of the Year award went to Kaspersky Standard based on top marks in all seven of a series of AV-Comparatives’ tests in 2023

How AV-Comparatives tests security solutions

Now for a closer look at AV-Comparatives’ testing methodology. The different tests evaluate the different capabilities of the security solutions taking part.

Malware Protection Test

This test examines the solution’s ability to detect prevalent malware. In the first phase of the test, malicious files (AV-Comparatives uses just over 10,000 malware samples) are written to the drive of the test computer, after which they’re scanned by the tested security solution — at first offline, without internet access, and then online. Any malicious files that were missed by the protective solution during static scanning are then run. If the product fails to prevent or reverse all the malware’s actions within a certain time, the threat is considered to have been missed. Based on the number of threats missed, AV-Comparatives assigns a protection score to the solution.

Also during this test, the security solutions are evaluated for false positives. High-quality protection shouldn’t mistakenly flag clean applications or safe activities. After all, if one cries wolf too often, the user will begin to ignore the warnings, and sooner or later malware will strike. Not to mention that false alarms are extremely annoying.

The final score is based on these two metrics. An Advanced+ score means reliable protection with a minimum of false positives.

Real-World Protection Test

This test focuses on protection against the most current web-hosted threats at the time of testing. Malware (both malicious files and web exploits) is out there on the internet, and the solutions being tested can deploy their whole arsenals of built-in security technologies to detect the threats. Detection and blocking of a threat with subsequent rollback of all changes can occur at any stage: when opening a dangerous link, when downloading and saving a malicious file, or when the malware is already running. In any of these cases, the solution is marked a success.

As before, both the number of missed threats and also the number of false positives are taken into account for the final score. Advanced+ is awarded to products that minimize both these metrics.

Advanced Threat Protection Test

This test assesses the ability of the solution to withstand targeted attacks. To this end, AV-Comparatives designs and launches 15 attacks to simulate real-world ones, using diverse tools, tactics and techniques, with various initial conditions and along different vectors.

A test for false positives is also carried out. This checks whether the solution blocks any potentially risky, but not necessarily dangerous, activity (such as opening email attachments), which increases the level of protection at the expense of user convenience and productivity.

Performance Test

Another critical aspect of a security solution’s evaluation is its impact on system performance. Here, the lab engineers emulate a number of typical user scenarios to evaluate how the solution under test affects their run time. The list of scenarios includes:

• Copying and recopying files
• Archiving and unpacking files
• Installing and uninstalling programs
• Starting and restarting programs
• Downloading files from the internet
• Web browsing

Additionally, system-performance drops are measured against the PCMark 10 benchmark.

Based on these measurements, AV-Comparatives calculates the total impact of each solution on system performance (the lower this metric, the better), then applies a statistical model to assign a final score to the products: Advanced+, Advanced, Standard, Tested, Not passed. Naturally, Advanced+ means minimal impact on computer performance.

What other AV-Comparatives awards did Kaspersky pick up in 2023?

Besides Kaspersky Standard being named Product of the Year, our products received several other important awards based on AV-Comparatives’ tests in 2023:

• Real World Protection 2023 Silver
• Malware Protection 2023 Silver
• Advanced Threat Protection Consumer 2023 Silver
• Best Overall Speed 2023 Bronze
• Lowest False Positives 2023 Bronze
• Certified Advanced Threat Protection 2023
• Strategic Leader 2023 for Endpoint Prevention and Response Test 2023
• Approved Enterprise Business Security 2023

We have a long-standing commitment to using independent research by recognized test labs to impartially assess the quality of our solutions and address identified weaknesses when upgrading our technologies. For 20 years now, the independent test lab AV-Comparatives has been putting our solutions through their paces, confirming time and again our quality of protection and conferring a multitude of awards.

Throughout the whole two decades, we’ve received the highest Product of the Year award seven times; no other vendor of security solutions has had such a number of victories. And if we add to this all the Outstanding Product and Top Rated awards we’ve also received over the years, it turns out that Kaspersky security solutions have received top recognitions from AV-Comparatives’ experts a full 16 times in 20 years!

Besides this, AV-Comparatives has also awarded us:

• 57 Gold, Silver, and Bronze awards in a variety of specialized tests
• Two consecutive Strategic Leader awards in 2022 and 2023, for high results in protection against targeted attacks by the Kaspersky EDR Expert solution
• Confirmation of 100% anti-tampering protection (Anti-Tampering Test 2023)
• Confirmation of 100% protection against LSASS attacks (LSASS Credential Dumping Test 2022)
• Confirmation of top-quality Network Array Storage protection (Test of AV solution for Storage)
• and numerous other awards

Learn more about the awards we’ve received, and check out our performance dynamics in independent tests from year to year by visiting our TOP 3 Metrics page.

It’s tempting to just dismiss the notion as a myth, but behind every myth lies a grain of truth. In this case, the story is very instructive if you happen to care about your health.

From outer space to the computer monitor screen

It’s unclear when exactly the protective properties of the cactus were first mooted. Some sources mention a “NASA study”, but without providing a link. That said, NASA has indeed been studying the effect of cosmic radiation on plants for quite some time. Moreover, space researchers are extremely interested in the impact of ionizing (X-ray and Gamma ray) radiation — one of the main health risks in space. And it wouldn’t be at all surprising if cacti showed good results in such experiments — after all, they survive well in equatorial deserts, where the sun bombards them with ultraviolet radiation (which is of a similar wavelength to X-rays) practically constantly.

But in applying these observations to “harmful radiation from the monitor”, three questions arise:

1. Do computer monitors produce ionizing radiation?
2. Do computer monitors produce other harmful radiation?
3. Do cacti help to protect against it?

The first question is easy to answer with the help of a dosimeter. No, modern monitors don’t emit such ionizing radiation (like X-rays), which would exceed the natural background radiation.

However, all electrical appliances are a source of other electromagnetic radiation at lower frequencies. And since the term “radiation” has a negative connotation for many, some people are confused. This is probably why NASA’s space research got transferred to household appliances and the electromagnetic fields they produce.

Okay, let’s take a closer look at this non-X-ray radiation (don’t worry, it’s safe to do so). The effect of cacti on monitor radiation was studied in 2018 by researchers at two universities in Turkey. They collected cacti of different types and sizes (some very large), as well as various computer monitors: both old cathode ray tube ones (CRTs) and the more modern liquid crystal (desktop and laptop) displays (LCDs). Different cacti locations were also tested: both in front of and behind the monitors.

No matter where the cactus was placed, it had no effect at all on the strength of the magnetic field.

The Turkish scientists measured the magnetic field strength of the monitor both with and without cacti, and in all cases the plants had no effect at all. So there you have it: cacti don’t eat up electromagnetic radiation from monitors. That’s the first myth duly busted.

What electromagnetic fields are harmful?

The hardest question remains: what harm does electromagnetic radiation cause? The question cropped up in the Turkish study, and in many others. Strong electromagnetic fields are indeed harmful: in particular, they increase the risk of cancerous tumors. As such, both general WHO recommendations and more detailed safety standards exist, which specify the maximum permissible strength of electromagnetic fields (EMF).

The good news is that modern LCD and laptop monitors don’t produce dangerous EMFs. The bad news is that many household appliances around us do indeed generate very powerful and often harmful electromagnetic fields. Old CRTs are one culprit, but they’re far from the only ones.

You can analyze your home or office yourself using a device that measures electric field strength (in volts per meter) and magnetic flux density/intensity (in microteslas). It should be noted though that the safety standards for different countries can vary greatly (see the comparative table).

In many European countries the maximum permissible intensity of an alternating electric field with a frequency of 50/60Hz (the AC frequency in the socket) in residential areas is 5000V/m, and the maximum intensity of the magnetic field is 100 microteslas. However, in some countries the limits are stricter, i.e., lower: for example in China (4000V/m), Japan (3000V/m), the Czech Republic and Croatia (2000V/m), and Poland (1000V/m). Meanwhile, the most stringent standards of all are those in Russia: in residential premises, the electric field should not exceed 500V/m, and magnetic induction – five microteslas.

This pertains to radiation that’s produced by the current from our sockets, as well as household appliances using this current. But many modern devices produce radio frequency emissions that are even more “energetic”; that is, they transmit more energy into living tissue due to their higher frequency. Therefore, the safety standards for them are much stricter. For instance, in most European countries, for radiation with a frequency of 900MHz (at which modern mobile devices operate), the permissible electric field strength is 41V/m, and the magnetic induction of such emitters should not exceed 0.14 microteslas.

Wired smartphone charger produces rather strong EMFs.

Let’s check what values are to be found in a modern apartment. Measuring a socket with a smartphone charger, we see that the electric field strength is 1296V/m and the magnetic induction is 14.6 microteslas. Not very healthy, judging by Russian, or Polish, or Slovenian standards. And a wireless smartphone charger, despite its small size, generates a much stronger field: 1919V/m and 16 microteslas.

A Fast Charge wireless charger generates even stronger EMFs — not surprisingly since it charges devices wirelessly.

Even more powerful electromagnetic fields can be found near electric stoves (especially induction ones), refrigerators, microwave ovens, and Wi-Fi routers.

How to handle harmful fields?

The above-described norms are not set in stone, especially since they vary from country to country — and not only with regard to the prescribed limits, but also the very parameters chosen for measurement. For example, some safety standards evaluate not the intensity of electromagnetic radiation, but the maximum time a person can be exposed to it without harmful effects.

So, to analyze your specific case, it’s better to get expert advice. We’ll simply add a few tips for protecting against harmful EMFs. There are two main technical means and one, let’s say, humanitarian.

The first technical method is screening — the installation of special metal mesh structures between the user and a powerful electrical appliance. This method is quite often used in industry, but very rarely in everyday life.

The second method is more applicable to the home: ensuring that electrical appliances are correctly grounded to dump “surplus electricity” from your devices. Better to call in a professional electrician than attempt it yourself. And even an experienced electrician might not be able to help if the design of your building doesn’t allow grounding.

But the third method of defense you can always implement yourself. Called the “inverse square law,” it states that EMF strength decreases rapidly with distance from the radiation source (inversely proportionally to the square of the distance from the source, to be precise). Therefore, at 1.5–2 meters away from almost any home device, its radiation is weak and not harmful.

In other words, don’t go to bed with your head pressed against a socket holding a couple of mobile phone chargers, or sit at the desk with your back against a Wi-Fi router. Just apply that same “distance rule” in respect of electrical appliances that you were probably told in childhood every time you ran to watch the TV.

And to make this rule easier to follow, try marking the area around the device in question. For example, surround it with large cacti. And if someone kindly informs you that these plants don’t guard against harmful radiation, tell them about the inverse square law and the helpful role played by your prickly pals. They don’t stop the radiation reaching the person — rather the person reaching the radiation.

So, is it fact or fiction that cacti protect from harmful radiation?

Fiction. The study showed that cacti have no effect on electromagnetic radiation whatsoever. But there are still useful for fencing off household appliances that generate EMF.

The results of a recent test — Enterprise Advanced Security (EDR): Enterprise 2022 Q2 – DETECTION — were revealed in an SE Labs‘ report. The British company has been putting the security solutions of major vendors through their paces for several years now. In this latest test, our business product Kaspersky Endpoint Detection and Response Expert achieved an absolute 100% score in targeted attack detection and was awarded the highest possible rating – AAA.

This is not SE Labs’ first analysis of our products for protecting corporate infrastructure against sophisticated threats. The company previously ran its Breach Response Test (which we took part in in 2019). In 2021, our product was tested in their Advanced Security Test (EDR). Since then, the testing methodology has been tweaked, and the test itself has been divided into two parts: Detection and Protection. This time, SE Labs studied how effective security solutions are at detecting malicious activity. Besides Kaspersky EDR Expert, four other products took part in the test: Broadcom Symantec, CrowdStrike, BlackBerry, and another, anonymous, solution.

Grading system

The testing was made up of several checks, but to get a feel for the results, it will suffice to look at the Total Accuracy Ratings. This basically shows how well each solution detected attacks at different stages, and whether it pestered the user with false positives. For even greater visual clarity, the participating solutions were assigned an award: from AAA (for products with a high Total Accuracy Rating) to D (for the least effective solutions). As mentioned, our solution got a 100% result and an AAA rating.

The Total Accuracy Ratings consist of scores in two categories:

• Detection Accuracy: this takes into account the success of detecting each significant stage of an attack.
• Legitimate Software Rating: the fewer the false positives generated by the product, the higher the score.

There’s one other key indicator: Attacks Detected. This is the percentage of attacks detected by the solution during at least one of the stages, giving the infosec team a chance to respond to the incident.

How we were tested

Ideally, testing should reveal how the solution would behave during a real attack. With that in mind, SE Labs tried to make the test environment as life-like as possible. First, it wasn’t the developers who configured the security solutions for the test, but SE Labs’ own testers, who received instructions from the vendor – as clients’ infosec teams usually do. Second, the tests were carried out across the entire attack chain – from first contact to data theft or some other outcome. Third, the tests were based on the attack methods of four real and active APT groups:

• Wizard Spider, which targets corporations, banks and even hospitals. Among its tools is the banking Trojan Trickbot.
• Sandworm, which primarily targets government agencies and is infamous for its NotPetya malware, which masqueraded as ransomware, but in fact destroyed victims’ data beyond recovery.
• Lazarus, which became widely known after the large-scale attack on Sony Pictures in November 2014. Having previously focused on the banking sector, the group has recently set its sights on crypto-exchanges.
• Operation Wocao, which targets government agencies, service providers, energy and tech companies, and the healthcare sector.

Threat detection tests

In the Detection Accuracy test, SE Labs studied how effectively security solutions detect threats. This involved carrying out 17 complex attacks based on four real-world attacks by Wizard Spider, Sandworm, Lazarus Group, and Operation Wocao actors, in which four significant stages were highlighted, each of which consisted of one or more interconnected steps:

• Delivery/Execution
• Action
• Privilege Escalation/Action
• Lateral Movement/Action

The test logic does not require the solution to detect all events at any particular stage of the attack; it is enough to identify at least one of them. For example, if the product failed to notice how the payload got onto the device, but detected an attempt to run it, it successfully passed the first stage.

Delivery/Execution. This stage tested the solution’s capacity to detect an attack in its infancy: at the time of delivery — for example, of a phishing e-mail or malicious link — and execution of the dangerous code. In real conditions, the attack is usually stopped there, since the security solution simply doesn’t allow the malware to go any further. But for the purposes of the test, the attack chain was continued to see how the solution would cope with the next stages.

Action. Here, the researchers studied the solution’s behavior when attackers have already gained access to the endpoint. It was required to detect an illegitimate action by the software.

Privilege Escalation/Action. In a successful attack, the intruder attempts to gain more privileges in the system and cause even more damage. If the security solution monitors such events or the privilege escalation process itself, it’s awarded extra points.

Lateral Movement/Action. Having penetrated the endpoint, the attacker can try to infect other devices on the corporate network. This is known as lateral movement. The testers checked whether the security solutions detected attempts at such movement or any actions made possible as a consequence of it.

Kaspersky EDR Expert scored 100% in this segment; that is, not a single stage of any attack went unnoticed.

Legitimate Software Ratings

Good protection has to not only reliably repel threats, but also not prevent the user from using safe services. For this, the researchers introduced a separate score: the higher it was, the less often the solution mistakenly flagged legitimate websites or programs – especially popular ones – as dangerous.

Once again, Kaspersky EDR Expert got 100%.

Test results

Based on all the test results, Kaspersky Endpoint Detection and Response Expert was awarded the highest available rating: AAA. Three other products earned the same rating: Broadcom Symantec Endpoint Security and Cloud Workload Protection, CrowdStrike Falcon, and the anonymous solution. However, only we and Broadcom Symantec achieved a 100% score in the Total Accuracy Ratings.

Instead of a thousand words

There are many well-regarded test labs out there, each of which conducting dozens of studies every year. As a result, the amount of information available is considerable — enough to fairly drown the uninitiated. To make things easier, Kaspersky compiles its own annual summary of the tests carried out by AV-Test, AV-Comparatives, MRG Effitas, SE Labs and other major players. We cover both all-round and narrowly-focused studies — for example, how well different vendors’ solutions tackle ransomware or spyware.

Having compiled all the results, we bring them together in our TOP3 chart. This infographic rates security developers on three criteria simultaneously: (i) how actively they took part in tests (horizontal axis), (ii) how many times they made the Top 3 (vertical axis), and (iii) how many times they took first place (diameter of the respective circle).

Thus, the overall result is easy to discern: the bigger the circle with the vendor name, and the further to the right and higher it is — the better its products performed over the past year. In total, we participated in 75 independent tests in 2021; in 84% of them we placed in the top 3, and in 57 tests our products ranked first.

The bigger the circle, the more often the company’s solutions ranked first in independent tests

In 2021, Kaspersky solutions were among the Top 3 most tested antivirus and security products. Our solutions achieved more podium finishes than any other. Kaspersky protection also claimed the highest number of top spots. This means that most specialized test labs recognize the high performance of our solutions — both corporate and home.

Everything checked

Another reason why we ensure our products participate in as many tests as possible is because cyberthreats have become too diverse for one all-round study. Here are just some of the specialized tests our security solutions have passed.

Ransomware

During the tests, the participating antiviruses face several families of ransomware in both corporate and home setups. These tests can be quite absorbing — so much so that we dedicated a separate article to one of them.

Fileless

Fileless attacks, as their name suggests, do away with files on user devices and are therefore hard to detect. The tests evaluate not only success rate, but also the time it takes to detect fileless attacks.

Vulnerabilities and exploits

Cybercriminals use exploits to attack a system through vulnerabilities, so the tests assess the speed of detecting and eliminating them.

APT attacks

To reach an important target, cybercriminals sometimes conduct multi-stage attacks and create unique tools. In APT defense testing, researchers test solutions’ ability to detect and block unfamiliar and brand-new threats.

Phishing

During phishing testing, experts simulate the behavior of average online users and evaluate how promptly and effectively protection kicks in against data thieves.

Stalkerware

Stalkerware refers to semi-legal tracking apps that anyone can buy online. People often covertly install them on the device of a partner or spouse to monitor their location, read their contacts and messages, look through their photos and so on.

Because of their semi-legal status, stalkerware cannot formally be classified as malware. For this reason, some security developers prefer to turn a blind eye and not pay due attention to protection against this class of programs. But we disagree: we consider it important to protect our customers from tracking apps, and do our best to ensure that our products effectively detect stalkerware and warn the victims.

False positives

A good security solution not only eliminates threats, but also refrains from bothering the user over mere trifles. Don’t underestimate how important this is: if your antivirus constantly cries wolf, you’ll stop taking it seriously.

Also note that some security developers try to compensate for their less-than-perfect technologies by sounding the alarm at the slightest possibility of a threat. Therefore, the number of false positives is often a good indicator of the true quality of protection: the fewer, the better. As such, most independent tests typically list the number of false positives alongside threat detection capability.

Expert opinion

To recap, in 2021 Kaspersky products passed numerous tests with flying colors, and independent experts once again confirmed the company’s leadership in the security solutions market. Of course, we have no intention of resting on our laurels, and shall continue to develop our technologies to keep your devices fully protected against all threats. Safe online surfing!

Ah, the title of this post may have given it away, but yes, of course, it’s ransomware (aka cryptomalware, but I’ll stick with the simpler, less tongue-twisting, and professional term ‘ransomware’).

So: ransomware. Bad. How bad?…

Well, it’s actually so bad, and has been so consistently bad for years, so deeply embedded in all things digital, and has so overwhelmed so many large organizations (even indirectly being followed by human deaths), which (large organizations) have forked out so much money to pay ransoms for, that the world’s news media has become almost indifferent to it. It’s stopped being headline news, having been transformed into an every-day casual event. And that’s what’s most worrying of all: it means the cyber-scumbags (apologies for such a strong language, but it’s really the best way to describe these folks) are winning; cyber-extortion is becoming a seemingly inevitable reality of today’s digital world and it seems there’s nothing can be done about it.

And they’re winning for three reasons:

Third (I’ll start at the end): the ‘big boys’ are still playing their schoolyard geopolitical games, which blocks national cyber-polices exchanging operational information for coordinated searching, catching, arresting and charging of ransomware operators.

Second: users aren’t prepared – resilient – enough to respond to such attacks.

And first (most important): not all washing powders are the same anti-ransomware technologies are equally effective – by a long way.

Often, ‘on the tin’, anti-ransomware technologies featured in cybersecurity solutions are claimed to be effective. But in practice they don’t quite do exactly what it says on the tin, or – if they do, consistently. And what does this mean? That users are scandalously unprotected against very professional, technically sophisticated ransomware attacks.

But don’t just take my word for it. Check what the trusted German testing institute – AV-TEST – say. They’ve just published complex research on the ability of cybersecurity products to tackle ransomware. They paid no attention whatsover to marketing claims (à la ‘this deodorant is guaranteed to last for 48 hours’), and didn’t just use widely-know in-the-wild ransomware samples. They besieged several of the top cybersecurity solutions in real ‘battlefield’ conditions, firing at them all sorts of live-ammunition ransomware artillery that’s actually out there today. As mentioned, no in-the-wild samples, but those technically capable of weaponizing a ransomware attack. And what did they find? On the whole – something thoroughly shocking and scary:

Now, simply checking fresh samples of, say, 20 regular ransomware families known to every security vendor (in other words, samples already in the cybersecurity vendors’ databases) – almost all cyber-protection copes well with this.

However, the research objective was to see what happens when things are made tougher – to test as close to real life conditions as possible. How do the products react to new attack methods of ransomware malware? What happens if it covertly penetrates a corporate network and starts causing havoc? How well do the products prevent network attacks where user files in shared folders are encrypted remotely – including network attacks that use ransomware samples that were successfully detected and blocked in the basic initial scenario?

Just three (3!) tested products out of 11 managed to deal with such kinds of new, tricky ransomware attacks. And among them, only our Kaspersky Endpoint Security Cloud protected user data with a 100% result. Note that attacks aimed at stealing user data are still among the most widespread – posing a serious threat to organizations whose project documentation, customer information, backups and other data are stored in networked locations.

But that’s not all! Are you sitting down?…

Most of the tested security solutions not only failed to detect attacks and protect user files, but also managed to delete the text messages from the cyber-extortionists containing the ransom demands! But those messages can contain the technical information for recovering the encrypted files! This information is what is used by cybersecurity experts in their attempts to help the victim: to identify the malware, find a vulnerability in the encryption algorithm, and either develop a decryptor for retrieving valuable data or suggest resorting to an existing decryptor from independent open sources (for example, No More Ransom).

Not fallen off your chair yet? Good. Then we’ll add some more findings that may amaze you…

AV-TEST also checked how well the security solutions do examining ‘entrails’ of ransomware still poorly used in-the-wild ransomware or even APTs, but which pose a threat to society as they may start being used soon. For example: abuse of legitimate Windows services, encryption via hard and symbolic links, delayed packet encryption, or encryption via memory-mapped files. Fourteen different techniques in total. And what do you think was found in the testing? Again, it was only our Kaspersky Endpoint Security Cloud that demonstrated a 100% result: every single user file was protected and all the threats were eliminated from the targeted system!

Oh, and one last thing: only two products were able to roll back changes made to user data after a remote ransomware attack. Needless to say – our product was one of them.

In general, while up in the higher-echelons of world power they’re still squabbling over whose economic-geopolitical model is best, and which products to allow or ban due to their origin and ‘national interests’ – regardless of their actual quality and usefulness for real users – fortunately, users can continue to decide for themselves by choosing the best solution. ‘Best’ as in: the most effective, efficient, reliable and fast, and with a no-compromise approach to stopping attacks of any kind and no matter where from.

So there you have it. A short piece to show you that it’s not only the devil that can hide in the details, but also… a heavenly savior – in this case anti-ransomware tech that… actually works).

You can find more details on the results of the testing in this post.

May the Ransomware Protection Force be with you!

Those aren’t idle questions: Partial protection against ransomware is a dubious achievement. If a solution can’t stop a threat in its tracks, then where is the guarantee that it at least kept critical files safe?

With that in mind, independent company AV-Test put 11 endpoint protection platform products through their paces in 113 different attacks to determine to what extent they actually protect users. AV-Test selected Kaspersky Endpoint Security Cloud for testing, and our product performed flawlessly throughout. The tests used three scenarios:

Protection of user files against prevalent ransomware

The first test scenario envisaged the most typical ransomware attack, one in which the victim runs malware on their computer, and the malware tries to get to local files. A positive result means the threat was neutralized (that is, all malware files deleted, execution of processes stopped, all attempts to gain a foothold in the system thwarted), with every single user file unencrypted and accessible. AV-Test performed a total of 85 tests in this scenario with the following 20 ransomware families: conti, darkside, fonix, limbozar, lockbit, makop, maze, medusa (ako), mountlocker, nefilim, netwalker (aka mailto), phobos, PYSA (aka mespinoza), Ragnar Locker, ransomexx (aka defray777), revil (aka Sodinokibi or Sodin), ryuk, snatch, stop, and wastedlocker.

In this scenario, nearly every security solution did an excellent job, which is not surprising; it used well-known malware families. The next scenarios were more difficult.

Protection against remote encryption

In the second scenario, the protected machine held files that were accessible over the local network, and the attack came from another computer on the same network (the other computer had no security solution, leaving the attackers free to run the malware, encrypt local files, and then search for accessible information on neighboring hosts). The malware families were: avaddon, conti, fonix, limbozar, lockbit, makop, maze, medusa (ako), nefilim, phobos, Ragnar Locker, Ransomexx (aka defray777), revil (aka Sodinokibi or Sodin), and ryuk.

The security solution, seeing a system process manipulating local files but unable to see the launch of the malware, could not check the reputation of the malicious process or the file that initiated it — or scan the file. As it turned out, of the 11 testees, only three offered any kind of protection against this type of attack, and only Kaspersky Endpoint Security Cloud handled it perfectly. Moreover, although Sophos’ product was triggered in 93% of cases, it fully protected the user’s files in only 7%.

Protection against proof-of-concept ransomware

The third scenario shows how products cope with malware that they cannot possibly have encountered before and that could not, even hypothetically, be present in malware databases. Because security can identify a yet-unknown threat only by means of proactive technologies that react to the malware’s behavior, the researchers created 14 fresh ransomware samples that employed methods and technologies that cybercriminals rarely use, as well as some original never-before-seen encryption techniques. As in the first scenario, they defined success as threat detection and blocking, including maintaining the integrity of all files on the victim’s machine and completely removing all traces of the threat from the computer.

Results varied, with some (ESET and Webroot) not detecting the custom-made malware at all and others performing better (WatchGuard 86%, TrendMicro 64%, McAfee and Microsoft 50%). The only solution that demonstrated 100% performance was Kaspersky Endpoint Security Cloud.

Test results

To sum up, Kaspersky Endpoint Security Cloud outperformed its competitors in all of AV-Test’s scenarios, protecting users against threats both known in the wild and newly created.

Aggregate results of all three test scenarios.

Incidentally, the second scenario revealed another, somewhat unexpected fact: Most of the products that failed to protect users’ files nevertheless removed the ransom note files. Even leaving aside the failure, that’s not good practice; such files may contain technical information that could help incident investigators recover data.

You can download the full report, with a detailed description of the test malware (both known and created by testers), after filling the form below.

There is no shortage of online reviews, of course, although the users who post them may have any level of cybersecurity expertise, bias, and understanding of what various consumers actually want. Fortunately, independent international organizations specializing in professional cybersecurity testing make their objective approach available. They evaluate all manner of security products: home antivirus utilities, corporate security solutions, parental control apps, password managers, and more.

The evaluators

Several major labs have a strong global reputation. Here are the best-known.

Austrian lab AV-Comparatives is an independent organization with a spotless reputation that has been testing security solutions for more than 20 years;

AV-TEST GmbH, a German independent research institute specializing in IT security, has been testing security solutions for more than 15 years;

British SE Labs has been in the industry for only five years, but its founder, Simon Edwards, is a renowned security expert. He has been in the antivirus testing business for a quarter of a century and was one of the first to deploy real-world attack scenarios in tests.

Knowing how each lab assesses protection, what criteria it uses, and what it focuses on, makes it easier to understand which awards are relevant. With that in mind, we compiled this report on how the laboratories test security solutions.

Antivirus testing: AV-Comparatives

Throughout each year, AV-Comparatives conducts numerous tests based on various criteria: detection and removal of common malware in lab conditions; real-world protection capabilities; performance; protection against complex threats; and false positives.

Based on their aggregate scores, the competing solutions vie for one of three annual awards: Product of the Year, Outstanding Security Product, and Top Rated. But which is best?

The names don’t make intuitive sense. For example, Top Rated status from AV-Comparatives is the equivalent of third place, not “top,” as you might expect from the name. Further, if only one solution scores maximum points for the year, it becomes the Product of the Year. But sometimes more than one product reaches that summit. In such cases, the lab selects the product of the year based on the results of individual tests or confers an honor on the solution with the longest awards drought, leaving the other star performers to share the title of Outstanding Security Product and second place.

Effective protection and high speed

AV-Comparatives awarded Kaspersky Internet Security its Product of the Year 2020 title. Our solution excelled in all tests and outperformed the toughest competitors by number of accolades. It also won a number of annual awards in each discipline based on results achieved throughout the year:

• Real-World Protection 2020 GOLD — for high performance against real threats with minimal false positives;
• Advanced Threat Protection 2020 GOLD — for best protection against bodiless threats and exploits for known and new software vulnerabilities. This is Kaspersky Internet Security’s second consecutive year winning the gold in this demanding test;
• Lowest False Positives 2020 SILVER — for the fewest false positives in all tests. That means the antivirus does not erroneously react to legitimate programs;
• Malware Protection 2020 BRONZE — for detection of common malware with minimal false positives;
• Best Overall Speed 2020 BRONZE — for minimal impact on system performance while maintaining an optimal level of protection. This puts a lid on the antivirus slowdown myth, at least as far as our products are concerned.

Based on its test results, AV-Comparatives also assigns each antivirus solution a level: Standard, Advanced, or Advanced+. The lab notes that even the Standard level indicates a high-quality solution, although it points to a need for some improvements. For certain product categories (for example, Mac and Android protection, parental control), the levels do not apply — all products that pass the tests receive an Approved badge.

In sum, Kaspersky Internet Security received an Advanced+ rating in every test throughout the year.

Antivirus testing: AV-TEST

The AV-TEST Institute evaluates security solutions in three areas: Protection, Performance, and Usability (false-positive rate). The maximum score for each test is 6 points. AV-TEST uses samples of both the newest and the most common threats to test the level of computer protection.

Solutions that score 17.5–18 points (the maximum being 18) in the course of each two-month test cycle earns Top Product status. Tests are carried out separately for solutions protecting systems under different operating systems, as well as for highly specialized security applications.

Best antivirus for Windows

Kaspersky Internet Security for Windows received the highest possible score in four of the six series of AV-TEST’s tests over the past year; and close to the maximum (17.5 points) in the other two. Our antivirus was a Top Product in all six certifications. The solution has received this status consistently since 2016, the rating’s first year.

Meanwhile, our corporate product, Kaspersky Endpoint Security for Business, fell short by half a point on just one of the six tests, performing flawlessly in all the others. Six Top Product awards is an excellent result. The solution confirmed its top status for the fourth straight year. In addition, based on its annual test results, AV-TEST presented the Best Performance award to Kaspersky Endpoint Security for the third year in succession.

Best antivirus for Android

Kaspersky for Android delivered the best result in five of the six test cycles of 2020, and in the first and thus far only test of 2021. Moreover, in catching malware, it scored maximum points on each of the monthly tests, always with minimal impact on the performance of the test gadget.

Best antivirus for macOS

Kaspersky Internet Security for macOS has also been riding high this past year. In all tests in which it participated, our antivirus received the top AV-TEST rating.

Best VPN solution

In VPN testing, Kaspersky VPN Secure Connection also proved its worth. According to independent experts, it demonstrated the best data transfer speeds both between continents and for anonymous surfing, and the best throughput on torrent networks.

Best parental control solution

Kaspersky Safe Kids for Windows 10, Android 8, and iOS 12.4 took part in parental control testing. All three received APPROVED Parental Control Software certificates. To receive this award, a solution must possess all basic features and block unwanted content with minimal false positives.

Antivirus testing: SE Labs

As part of its regular quarterly research on security solutions for workstations, SE Labs carries out two tests: Protection Accuracy Rating and Legitimate Accuracy Rating.

Based on its test results, each product receives an overall, letter-based score: AAA is the highest, followed by AA, A, B, and C. SE Labs also calculates the Total Accuracy Rating, an important consideration when comparing two products with the same letter rating.

Total protection

In the past year, Kaspersky Internet Security received AAA ratings in all four SE Labs quarterly tests for home products (the Home Anti-Malware Protection Awards). Also, our antivirus has consistently ranked first in the Total Accuracy Rating.

Incidentally, the company tests not only home antivirus products, but also corporate solutions. Kaspersky Endpoint Security for Business received the Best Enterprise Endpoint award, making it Product of the Year for workplace protection in large companies. As for the Total Accuracy Rating, both Kaspersky Endpoint Security and Kaspersky Small Office Security have topped it three times already.

Conclusion

Of course, the choice of security solution is influenced by a range of factors — from clichéd advertising to advice from friends and family. However, if you are serious about this issue, the evaluations of independent international organizations make a weighty argument in favor of a particular solution. That is why we actively participate in external independent tests and intend to continue doing so. For us, this is not a mere marketing ploy; a professional outside opinion helps us to control the quality of our technologies and solutions objectively. As you can see, Kaspersky solutions show a consistently high level of performance. The results speak for themselves.

That’s where independent testing comes in. Independent expert ratings can be trusted; they are what they say they are. To minimize randomness and get a more meaningful aggregate score, users should base their choice of security solution on several independent tests all at once. Testers don’t work together to compile an overall rating, however. So to make it easier for you to get a handle on all things AV-related, every year we combine the results of various independent studies into the Top 3 metric.

So, what is the Top 3 metric?

The metric is calculated on the basis of tests conducted by the world’s biggest and most reputable labs: AV-Comparatives, AV-Test, SELabs, MRG Effitas, Virus Bulletin, ICSA Labs, and PC Security Labs. We take into account both general and task-specific testing — for example, benchmarking of AV antiransomware performance, analysis of protection mechanisms for Android, measuring of false positives, and so on.

Each vendor’s products have three key stats: number of annual tests; number of top-three finishes; and number of first-place results. To make the results more balanced, companies that rarely reach out to independent experts (those with less than 35% participation rate in tests) are not included in the metric.

In 2017, well-known AV vendors such as Avast, AVG, Avira, BitDefender, ESET, F-Secure, G DATA, McAfee, Microsoft, Sophos, Symantec, Trend Micro, Kaspersky Lab, and many others featured in the Top 3 metric. 133 companies in total. See here for metric details and descriptions.

Top of the class

The undisputed leader over the past twelve months — for the fifth consecutive year! — is Kaspersky Lab. Our products not only were the most tested (86 times), but finished in the top three in 91% of all cases! In total, we scored 78 top-three hits and 72 firsts. For comparison: second-place BitDefender took part in just 61 tests and medaled in 44.

What’s the upshot?

So many golds for our products can mean only one thing: Thanks to Kaspersky Lab’s technological advancement and experience in the field of IT security, our solutions offer the most reliable protection for your devices against any threats, including the newest and most complex, and without crying wolf. And if you’re wondering which awards our products picked up in 2017, and what they mean, check out this post.

Choosing an antivirus solution can be a difficult task; many companies develop AV products, and each one likes to toot its own horn. All the same, you don’t have to take the developer at their word. To help users make an informed decision, independent testing labs regularly conduct research looking into whether a particular solution is good at identifying different malware types, if it runs fast, and whether it triggers false alarms.

Of course, we would like you to choose one of our solutions — but for the right reasons. So, in this post we’ll discuss the awards Kaspersky Lab products have received from independent testing labs. You can find details on the awards in an earlier post.

The most important point is that we receive awards from many test labs. Had Kaspersky Lab products received a bunch of awards from just one organization, the testers’ impartiality or the test’s accuracy could be brought into question. But here, most labs are in agreement. See for yourself:

February 21, 2019, update

In an annual report by independent test lab AV-Test, Kaspersky Lab products received a record number of awards: a total of eight certificates in four categories. Kaspersky Internet Security was honored with three prizes: Best Protection, Best Repair, and Best Usability.

In addition, two of our business products, Kaspersky Endpoint Security and Kaspersky Small Office Security, triggered the fewest false alarms. Our Small Office solution also won the Best Protection award, and Kaspersky Endpoint Security got Best Performance.

Finally, the free Kaspersky Virus Removal Tool was named Best Repair utility. Especially gratifying, Virus Removal Tool has now received this award five years running.

February 15, 2019, update

In AV-Comparatives’ independent report for 2018, Kaspersky Internet Security was named a Top Rated Product. Our solution received the maximum score in five out of seven tests and showed outstanding performance in the remaining two.

In addition, our product picked up separate awards in three special nominations: Kaspersky Internet Security was awarded Gold for Malware Removal, Silver for Lowest False Positives, and Bronze for Real-World Protection. AV-Comparatives also noted Kaspersky Internet Security’s user-friendly interface and wide range of additional features.

We congratulate @Kaspersky on receiving AV-Comparatives’ Top Rated Product Award, as well as other awards for individual tests in 2018.https://t.co/Ko931GFgZg pic.twitter.com/gjmlSrzmSo

— AV-Comparatives (@AV_Comparatives) February 15, 2019

January 31, 2019, update

Independent test laboratory AV-Test has awarded our family protection solution, Kaspersky Safe Kids for Windows, macOS, iOS and Android with three “Approved” certificates. As tests have revealed, Kaspersky Safe Kids is more effective than internal operating system tools in blocking inappropriate content. What’s more, Safe Kids can protect children from a wider variety of online dangers. For example, Safe Kids allows you to control private data transfer, protect family budget from online money traps, monitor for cyberbullying as well as help you watch for online grooming and more. As AV-Test experts found out, some of these features are unique to our Safe Kids protection software.

August 20, 2018, update

Kaspersky Internet Security has surpassed a host of rival solutions to receive the annual MRG Effitas Online Banking/Browser Security Award 2017/18 after consistently passing quarterly banking certification tests across a 12-month period. This is the fourth time in a row that our solutions have received this award – and we are the only one to claim it so many times in a row.

July 5, 2018, update

The latest MRG Effitas quarterly assessments showed that our products provide effective protection for both computers and smartphones. Kaspersky Internet Security received a Level 1 Certificate in the Online Banking test — the top award for antivirus software — neutralizing each and every one of more than 300 threats included in the test suite.

In the MRG Effitas 360 test, our solution once again proved to be 100% effective against ransomware and financial malware. Based on the results for the whole test cycle, Kaspersky Internet Security picked up a Level 1 Certificate.

Its mobile cousin Kaspersky Internet Security for Android also scored well and delivered the best performance in both test categories: Early Stage Detection, which tested the antivirus solution’s ability to neutralize threats immediately after download to the device, and Detection During Installation.

Kaspersky Anti-Targeted Attack Platform 2.0.0.122 (KATA) received two new quality certificates from ICSA Labs. During anti-targeted attack test rounds in Q1 and Q2 2018, our product left the competition trailing. For the fifth consecutive time, KATA posted the best result in this category, detecting all threats bar none with no false positives. No other solution in this class can boast of such success.

Meanwhile, SELabs gave its highest award to three of our products all at once. Kaspersky Internet Security neutralized more threats than any other product without a single false positive, becoming the best antivirus product for home PC. Kaspersky Small Office Security took gold for Small Business Anti-Virus Protection, and Kaspersky Endpoint Security for Windows did likewise for Enterprise Anti-Virus Protection. It’s worth noting that all three of our products notched up the highest possible score: 1,116 out of 1,116. No competitor solution achieved such towering results.

Last but not least, one of our most important results came in NSS Labs’ Advanced Endpoint Protection comparative analysis of 20 security products for business. During testing, Kaspersky Endpoint Security detected 99.4% of all threats, again with no false positives. Of particular note is the 100% protection against exploits, blended threats, and advanced evasion techniques, as well as the 100% result in HTTP attack scenarios and malware protection in documents and in offline mode.

As a result of this cumulative assessment, Kaspersky Endpoint Security received the top score in Security Effectiveness among all test participants. After factoring in the total cost of ownership, our solution was given the highly prized Recommended status.

March 21, 2018, update

AV-TEST results for 2017 show that our consumer and corporate products excelled once again, readily repeating last year’s success in the Best Performance, Best Repair, and Best Usability categories. Our flagship product — Kaspersky Internet Security — tops all three. The small business solution Kaspersky Small Office Security won acclaim for its performance, and Kaspersky Endpoint Security for large corporations was noted for the absence of false positives. This year too, the free Kaspersky Virus Removal Tool picked up the AV-TEST Best Repair award.

PC Magazine tested and evaluated our parental control solution, Kaspersky Safe Kids, awarding it four stars and calling it “an excellent choice.” The magazine noted that Safe Kids is affordable compared with similar products, and highlighted its flexible settings and impressive set of functions.

Tom’s Guide awarded three of our products. Kaspersky Internet Security received the Best Midrange Antivirus Product, Kaspersky Total Security was named the Best Premium Security Suite, and Kaspersky Internet Security for Mac was called the Best Antivirus for Mac.

March 1, 2018, update

Kaspersky Internet Security for Android placed first in AV-Test’s “The best antivirus software for Android” (January 2018). Our product got 6 out of 6 points for Protection and Usability, plus 1 extra point for Important Security Features.

Kaspersky Internet Security for Mac showed a 100% detection rate for MacOS malware in AV-Test’s “Antivirus Solutions for macOS Sierra.” Testers also highlighted its performance and low system load — the difference in performance between our security solution running and not running is less than 1%, which is unnoticeable in everyday use.

Our Windows flagship product, Kaspersky Internet Security, came in second in German Computer Bild magazine’s 2018 test.

February 19, 2018, update

Most tested, most awarded. In 2017 Kaspersky Lab products participated in 86 independent tests and reviews. Our products were awarded 72 firsts and achieved 78 top-three finishes. The Top 3 metric represents the aggregate scores achieved by over 80 well-known vendors in the security industry’s most respected, independent tests and reviews. Sustained performance across multiple tests and products gives a more meaningful assessment than a one-off performance in a single test.

February 8, 2018, update

Kaspersky Internet Security received MRG Effitas’ principal annual Online Banking/Browser Security Award for the third year in a row. This high level of security is maintained by the Safe Money component built into our security solution.

February 6, 2018, update

Our flagship solution, Kaspersky Internet Security, was awarded AV-Comparatives’ Outstanding Product Award 2017. This is the seventh year in a row our company has demonstrated the highest results on AV Comparatives’ tests. Actually, we are the first and only antivirus solution developer to have achieved such outstanding results.

January 10, 2018, update

PCMag awarded Kaspersky Anti-Virus its Editors’ Choice and named it a pick for Best Antivirus Protection of 2018. In another article, The Best Security Suites of 2018, Kaspersky Internet Security received the same accolade. It’s not the first time we received this award — our products earned the same awards a year earlier.

2016–2017 awards

There are many awards and certificates out there, and some companies are still summarizing the results of 2017, so hopefully, we’ll receive awards from them soon; we will update this post as they come in. For now, here is a list of the most important awards we have already received.

Consumer product awards

Our flagship security solution, Kaspersky Internet Security, participated in the largest number of tests and therefore received the most awards. To begin with, in AV-TEST’s annual analysis, Kaspersky Internet Security won in the Best Performance (more proof that Kaspersky doesn’t cause “lag”) and Best Usability categories, with the lowest false positive rate (i.e., Kaspersky doesn’t raise flags for no reason).

In addition to its top product awards, PCMag named Kaspersky Internet Security an Editors’ Choice. In 2016, AV Comparatives awarded us its Outstanding Security Product Medal and a good number of Advanced+ Certificates for various months, and MRG Effitas testers gave us certificates for passing two tests: an Online Banking Certification Test and the 360-degree Assessment & Certification. The first one means Kaspersky Internet Security is good at protecting online payments and other transactions, and the second one proves it is also good at protecting from a variety of threats, including ransomware. Details about MRG Effitas’ tests and our solutions’ performance on them can be found here.

Independent SE Labs also awarded Kaspersky Internet Security its highest rating, AAA, based on comparative testing. Finally, Virus Bulletin gave us a VB100 Certificate for Kaspersky Internet Security catching 100% of threats and raising zero false flags during its test.

Kaspersky Internet Security and Kaspersky Total Security are identical in terms of antivirus engines and security functions (you can learn about the differences between the two here), so you are safe to apply these awards to Total Security as well. They are the same solution, so it is just as reliable, works just as fast, and is just as accurate when distinguishing between malware and benign code. Kaspersky Total Security simply has several additional useful functions.

Kaspersky Anti-Virus has fewer functions and hasn’t participated in as many tests. However, that didn’t prevent it from winning PCMag’s Editors’ Choice award.

The mobile version of our protection solution, called Kaspersky Internet Security for Android, received the AV-TEST certificate.

Another product, Kaspersky Safe Kids, also received two AV-TEST certificates, one for the Android version and the other for the Windows version.

The free Kaspersky Virus Removal Tool was awarded AV-TEST’s Best Repair Award — in other words, the testers found it was the best at restoring a computer after an infection (though the best plan, of course, is not to get infected at all). A complete list of our awards can be found here.

Business product awards

Business products for both enterprises and small businesses received awards just as often as consumer-side applications did — or maybe even more often.

One of the most important was the 2017 Platinum Award from Gartner Peer Insights Customer Choice, awarded to Kaspersky Endpoint Security. That award means the users of our solution rated it highly for ease of use, reliability, simplicity of installation, and technical support desk professionalism.

Kaspersky Endpoint Security also received awards from AV-TEST for the lowest false alarms rate and best protection. SE Labs gave our app the highest rating, AAA, and Virus Bulletin gave it a VB100 Certificate, which we discussed above.

Our small business protection solution, Kaspersky Small Office Security, also received an impressive number of awards. AV-TEST gave it three awards: best protection, best performance, and fewest false alarms. The product also received SE Labs’ AAA rating.

Another of our products, Kaspersky Security for Linux Mail Server, received Virus Bulletin’s highest Spam+ Verified rating in spam blocking, for recognizing more than 99.8% of all spam messages.

Summing up

Everyone has the right to say their product is great, but to get a good idea of which protection is really better, don’t just take the developer’s word for it. This is why independent tests exist, and they show that Kaspersky Lab’s products won’t let you down; they are capable of detecting everything that should be detected, and they won’t bother you with false alarms or bog down your computer. You can read more about independent testing and our awards here.

US information security expert Chris Thomas (aka Space Rogue) created a project, Cyber Squirrel 1, that demonstrates hackers’ insignificance in the cyberwars compared with tech’s real enemies: wild animals. The number of cases of our four-legged (and other) friends squirreling their way in and disrupting hi-tech systems runs into the thousands.

How do they do it? You’re about to find out. Take our quiz and try to guess which malfunctions were caused by a human cyberattack and which were the result of a furry black-op.