Endpoint Security Testing Matters: New NSS AEP Test Results

Endpoint Security Testing Matters: New NSS AEP Test Results

NSS Labs, Inc. has just released the 2018 edition of their Advanced Endpoint Protection testing, and Trend Micro’s endpoint solutions have performed very well, resulting in a “recommended” rating. We had strong performance on “security effectiveness” meaning that we detected and blocked threats effectively. We also had a low total cost of ownership relative to most other vendors in the test.

You can see the test results here: https://resources.trendmicro.com/NSSLabs-Adv-Endpoint-Report.html

“Next Generation” isn’t working better than Trend Micro

This latest test clearly shows Trend Micro performing better than a number of “next generation” endpoint vendors. These same vendors would have you believe a marketing story that Trend Micro relies on AV signatures and can’t detect modern threats, but this has proven to be nonsense. The line between Trend Micro and “next gen” is blurrier than ever.

We have performed well on this and other independent tests because of our cross-generation blend of threat detection techniques. We’re one of the very few endpoint security vendors using state-of-the art machine learning techniques to analyze threats not only pre-execution, but also at run-time (which dramatically boosts effectiveness against file-less malware). We also leverage behavioral IOA detection, our anti-exploit engine, virtual patching capabilities, and a powerful noise cancellation capability to reduce false positives.

In the coming days, vendors who did poorly may release “re-tests” in order to benefit from correcting “bugs” in their products. Unsurprisingly, after learning from their missed detections and correcting their “bugs” they will be able to improve their performance. It’s important to focus on the level playing field of the public test, where all vendors see the test scenarios for the first time.

Testing Matters

Independent third-party testing of endpoint security products is more important than ever, in a landscape full of marketing claims and “next generation” jargon. It is difficult for enterprises to assess the numerous vendor offerings in order to figure out who will actually be more effective, without unacceptable operational cost.

Our objective is to work constructively with independent test labs, avoiding “pay for play” tests, and aiming for an evaluation that is as real-world as possible. We do this instead of publishing our own biased tests, and instead of encouraging customers to test endpoint products for themselves, with biased sample sets we provide. Independent labs are going to deliver a better answer for customers.

Tests like this NSS AEP evaluation make our products better; you can be sure that for each of the small number of missed detections, Trend Micro has investigated, learned, and improved its products already. That’s a key benefit for customers, beyond the evaluation report itself.

Blocking Matters

It’s worth noting that NSS Labs’ latest AEP test rates “security effectiveness” on the Y axis based on ability to block threats, not only detect them. This aligns with what we frequently hear from our customers: they want effective detection, but they also want automatic response (quarantine, isolation, process termination). Response shouldn’t be left to a later investigative stage if it can be handled immediately and automatically. Our detection technologies are seamlessly linked with our response capability, even with run-time detections where process termination can be followed by roll-back to ensure data isn’t damaged or lost.

Achieving Low TCO

NSS Labs not only examines detection and blocking effectiveness, but also assesses TCO using a formula that accounts for product cost, but also the staffing costs to operate products, deal with investigations, missed detections and outbreaks. During this test cycle Trend Micro showed we minimize these staffing expenses by minimizing manual effort for the IT team, and providing the information and tools needed for prompt investigation.

The threat landscape keeps on moving, and we continue to invest heavily to enhance our detection effectiveness while keeping TCO low for our customers.