Antivirus tests generally focus on the overall security and performance of the product tested. This is especially true in the consumer realm, where AV vendors battle it out not just in detecting threats, but also in avoiding heavy system usage as they seek to show home users that their computers won’t crack under the workload. Some tests, however, seek to determine precisely how capable the product is against sophisticated, highly targeted attacks.
Austria-based AV-Comparatives, a leading independent organization known for unbiased reviewing and testing of antivirus software, has rolled out its latest Advanced Threat Protection Test for the consumer segment, awarding Bitdefender the ADVANCED+ rating after confirming stellar performance in a wide range of targeted attack scenarios.
The targeted PCs used in the test were fully patched 64-bit Windows 10 systems, each with a different AV product installed. All tests used a subset of the Tactics, Techniques and Procedures (TTPs) listed in the MITRE ATT&CK® framework.
The tests involved both staged and non-staged malware samples, complete with obfuscation and/or encryption of malicious code before execution. Different Command & Control (C2) channels were used to connect to the attacker (HTTP, HTTPS, TCP) while using well-known exploit frameworks like Metasploit, PowerShell Empire and others.
The test consisted of 15 attack scenarios, from social engineering to malware to pure malicious code injected directly into memory (fileless). The test was carried out entirely manually, focusing squarely on protection.
Points were awarded for detecting and/or blocking the threat pre-execution or on-execution – not so much in the post-execution stage, when the threat already had a chance to run on the system and phone back to base.
As AV-Comparatives puts it, “a good burglar alarm should go off when somebody breaks into your house, not wait until they start stealing things.”
None of the test scenarios required administrator permissions on the targeted system, while the tester already had the user credentials needed to proceed with the advanced attack. This was because an attacker typically already has the victim’s credentials in hand during a targeted attack.
The ATP test is rigorous and aggressive. Main-Test-Series vendors were given the opportunity to opt out of the ATP leg before the test started. Because some vendors were still perfecting their products, some decided to drop out of this test module, leaving just nine players to battle it out.
Few vendors did well and even fewer came out on top – just two. We not only had the confidence to participate in the ATP test, we aced it!
Bitdefender proudly accepts AV-Comparatives’ ADVANCED+ ranking – the highest for detecting and blocking the vast majority of threats either in the pre- or post-execution stages, with zero false alarms.
“Whilst this test is for consumer products, the attack techniques used are the same as for our Enterprise ATP test,” AV-Comparatives said. “Hackers may be highly motivated to attack the home computers of specific, high-profile individuals, e.g. politicians or the very wealthy … Targeted attacks on enterprises may begin by taking control of the home computer of the CEO, for example,” the institute added.
The product tested was the latest version of Bitdefender Internet Security, which consistently ranks high in tests and reviews, with stellar protection rates and low impact on system performance.
In January, AV-Comparatives awarded Bitdefender Internet Security the Outstanding Security Product rating. The product also made TechRadar’s Editor’s Choice this year, and PC Mag’s Editor’s Choice for 2021.
Bitdefender joined AV-Comparatives’ Main Test Series at the start of the program in 2004. Since 2018, Bitdefender has consistently won the ADVANCED+ rating in AV-Comparatives’ Real-World Protection Test, Malware Protection Test, and Performance Test.
Learn more about Bitdefender Internet Security at: https://www.bitdefender.com/solutions/internet-security.html.
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.