
Latest news with #KasperskyNextEDRExpert

AV-Comparatives Validates Real-World Threat Detection in 2025 EDR XDR MDR Certification Testing

Cision Canada

15-06-2025


INNSBRUCK, Austria, June 15, 2025 /CNW/ -- "As cyberattacks evolve, detection can't be a checkbox. Our 2025 EDR/XDR Certification helps CISOs assess how effectively their tools uncover stealthy, real-world threats." - Andreas Clementi, CEO and founder, AV-Comparatives

This independent evaluation tested enterprise cybersecurity solutions under advanced threat scenarios. The goal: to assess their ability to detect and report real-world attacks with precision and visibility. Unlike, e.g., the EPR Test, which focuses on prevention, the EDR test simulates complex attack scenarios to assess how well a product detects and logs each stage of an intrusion, providing insights into its visibility, telemetry quality, and threat detection precision. Threat visibility based on threat hunting capabilities is also considered.

AV-Comparatives is pleased to announce that five out of seven solutions have achieved certification so far under our transparent and rigorous methodology.

Certified Products – EDR, XDR and MDR Solutions

The following products earned certification in the 2025 test round:

  • CrowdStrike Falcon Pro
  • ESET PROTECT Enterprise Cloud
  • G DATA 365 MXDR (MDR solution)
  • Kaspersky Next EDR Expert (in the pilot test)
  • Palo Alto Networks Cortex XDR Pro

One Methodology for EDR, XDR and MDR

While initially designed to evaluate EDR and XDR capabilities, the test can equally be applied to MDR (Managed Detection and Response) offerings. In this round, G DATA successfully participated with their MDR solution, demonstrating that even managed offerings can be assessed under realistic, controlled attack conditions.

A Focus on Real-World Visibility

This evaluation simulates Advanced Persistent Threat (APT) attacks, using known Tactics, Techniques, and Procedures (TTPs) from frameworks such as MITRE ATT&CK. All products were tested in monitoring mode only, meaning prevention features were disabled. The goal: to measure how well threats are detected and reported, not blocked.

Highlights of the methodology:

  • Execution of complex attack chains
  • Validation of detections via alerts in the management console or through manual threat hunting in telemetry
  • Transparent certification model: only products meeting the detection threshold are certified and publicly listed

Methodological Improvements and the Road Ahead

The 2025 test incorporated feedback from independent analysts, resulting in greater transparency, enhanced scoring, and deeper telemetry validation. Further enhancements are planned for the 2026 certification test.

The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. Certification offers vendors industry recognition and deep technical insight into their solution's real-world performance. Contact us to participate in the next test cycle.

Cybersecurity and Antivirus Test Results are available at or the following vendors: Avast, AVG, Avira, Bitdefender, Checkpoint, Cisco, CrowdStrike, Elastic, Fortinet, F-Secure, ESET, G DATA, Gen Digital, Google, Intego, K7 Computing, Kaspersky, Malwarebytes, ManageEngine, McAfee, Microsoft, NetSecurity, Nordsec, Norton, Palo Alto Networks, Rapid7, SenseOn, Sophos, Total Defense, TotalAV, Trellix, TrendMicro, VIPRE, WithSecure and many more.

Biometrics and building automation systems were the most attacked operational technology sectors at the beginning of 2025

Biz Bahrain

16-05-2025


In Q1 2025, malicious objects were blocked on 21.9% of ICS computers globally, according to a new report by Kaspersky ICS CERT (Industrial Control Systems Cyber Emergency Response Team). Regionally this share varied: from 10.7% in Northern Europe to 29.6% in Africa. From Q4 2024 to Q1 2025, the share of ICS computers on which malicious objects were blocked increased in Russia (by 0.9 p.p.), Central Asia (by 0.7 p.p.), South Asia (by 0.3 p.p.), Western Europe (by 0.2 p.p.), Northern Europe (by 0.1 p.p.) and Southern Europe (by 0.1 p.p.).

[Figure: The share of ICS computers with blocked malicious objects, per region]

Threats by industries

The biometrics sector was targeted more than any other industry vertical (malicious objects were blocked on 28.1% of ICS computers), followed by building automation (25%), electric power facilities (22.8%), construction facilities (22.4%), engineering equipment (21.7%), oil & gas facilities (17.8%), and manufacturing (17.6%).

Main threat sources

The OT cyberthreat landscape at the beginning of 2025 remained diverse, with threats spreading via the internet continuing as the main source of cyber risks to OT computers (these threats were blocked on 10.11% of ICS computers), followed by email clients (2.81%) and removable media (0.52%).

'As the internet remains the primary source of threats to ICS computers, in the first quarter of 2025, the share of ICS computers attacked with malware spread via the internet increased for the first time since the beginning of 2023. The main categories of threats from the internet are denylisted internet resources, malicious scripts and phishing pages. Malicious scripts and phishing pages is the leading category of malware used for initial infection of ICS computers – they act as droppers of next-stage malware, such as spyware, crypto miners and ransomware. The rise in internet-based attacks on ICS highlights the critical need for advanced threat detection to counter sophisticated malware campaigns,' commented Evgeny Goncharov, Head of Kaspersky ICS CERT.

To keep OT computers protected from various threats, Kaspersky experts recommend:

  • Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues.
  • Establishing continuous vulnerability assessment and triage as a foundation for an effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public.
  • Performing timely updates for the key components of the enterprise's OT network; applying security fixes and patches or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process.
  • Using EDR solutions such as Kaspersky Next EDR Expert for timely detection of sophisticated threats, investigation, and effective remediation of incidents.
  • Improving the response to new and advanced malicious techniques by building and strengthening teams' skills in incident prevention, detection, and response. Dedicated OT security training for IT security staff and OT personnel is one of the key measures helping to achieve this.

The full report on ICS threats for Q1 2025 is available by the link.

AV-Comparatives Launches Groundbreaking EDR Detection Validation Test -- Kaspersky Next EDR Expert Achieves Certification in Inaugural Assessment

Associated Press

23-03-2025


INNSBRUCK, Austria, March 23, 2025 /PRNewswire/ -- AV-Comparatives, a globally recognized independent authority in cybersecurity testing, is pleased to announce the certification of Kaspersky Next EDR Expert following its successful performance in the inaugural Endpoint Detection and Response (EDR) Detection Validation Test.

The pilot report can be found here:

Significance of the EDR Detection Validation Test

As cyber threats become increasingly sophisticated, organizations face the challenge of detecting and responding to advanced persistent threats (APTs) that can bypass traditional preventive measures. The EDR Detection Validation Test addresses this critical need by evaluating the detection capabilities of enterprise security solutions, including Endpoint Protection Platforms (EPP), EDR, and Extended Detection and Response (XDR) systems. This test provides Chief Information Security Officers (CISOs) and industry analysts with unbiased, empirical data to assess the effectiveness of these solutions in real-world scenarios.

Methodology Overview

This test assesses real-world detection performance under APT (Advanced Persistent Threat) scenarios, with all products configured in monitoring mode only (prevention features disabled). Key aspects include:

  • Simulating APT attacks using various Tactics, Techniques, and Procedures (TTPs).
  • Monitoring for detections via active alerts in the management console or locally.
  • Applying threat hunting techniques to analyse telemetry data when immediate alerts are absent.
  • Utilizing the Empire framework in the initial 2025 phase for execution and evaluation.

This comprehensive approach ensures that the evaluation reflects the product's ability to detect complex attack vectors effectively.

'As attackers continuously refine their techniques, organizations must ensure that their security solutions can detect even the most advanced threats. Our new EDR Detection Validation Test provides an objective benchmark for evaluating these capabilities. Kaspersky's participation in this first-of-its-kind assessment underscores its commitment to transparency and continuous improvement in cybersecurity,' said Andreas Clementi, CEO and Founder of AV-Comparatives.

'We value independent professional assessments of our enterprise security solutions, as they provide expert third-party insights into real-world capabilities and help us identify opportunities for further improvement. AV-Comparatives' new EDR Detection Validation Certification Test is one of such evaluations, and we were proud to be the first vendor to take on this challenge,' said Alexander Liskin, Head of Threat Research at Kaspersky. He added, 'Kaspersky Next EDR Expert successfully detected multiple attack techniques throughout the rigorous testing process, earning Certified status. This recognition reaffirms our commitment to delivering advanced, effective cybersecurity solutions that help organisations strengthen their defenses against evolving threats.'

Kaspersky Next EDR Expert's Performance

Kaspersky's participation in this pilot test demonstrated its commitment to transparency and continuous improvement. The Next EDR Expert solution successfully detected multiple techniques employed in the simulated attack scenarios, achieving certification under AV-Comparatives' rigorous standards. This accomplishment underscores Kaspersky's dedication to providing robust detection capabilities against sophisticated threats.

Call to Action for Cybersecurity Vendors

AV-Comparatives invites all cybersecurity vendors to participate in the EDR Detection Validation Test. Engaging in this evaluation not only demonstrates a commitment to transparency but also provides valuable insights into product performance against advanced threats. Participation ensures that solutions meet the evolving security needs of organizations worldwide. Interested vendors are encouraged to contact AV-Comparatives to schedule their assessments. Jan Brilke, COO of AV-Comparatives, is happy to provide more information.

About AV-Comparatives

AV-Comparatives is an independent organization offering systematic testing to examine the efficacy of security software products and mobile security solutions. Utilizing one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. Certification by AV-Comparatives is globally recognized as a seal of approval for software performance.

AV-Comparatives Launches Groundbreaking EDR Detection Validation Test -- Kaspersky Next EDR Expert Achieves Certification in Inaugural Assessment

Yahoo

23-03-2025


INNSBRUCK, Austria, March 23, 2025 /CNW/ -- AV-Comparatives, a globally recognized independent authority in cybersecurity testing, is pleased to announce the certification of Kaspersky Next EDR Expert following its successful performance in the inaugural Endpoint Detection and Response (EDR) Detection Validation Test.

The pilot report can be found here:

Significance of the EDR Detection Validation Test

As cyber threats become increasingly sophisticated, organizations face the challenge of detecting and responding to advanced persistent threats (APTs) that can bypass traditional preventive measures. The EDR Detection Validation Test addresses this critical need by evaluating the detection capabilities of enterprise security solutions, including Endpoint Protection Platforms (EPP), EDR, and Extended Detection and Response (XDR) systems. This test provides Chief Information Security Officers (CISOs) and industry analysts with unbiased, empirical data to assess the effectiveness of these solutions in real-world scenarios.

Methodology Overview

This test assesses real-world detection performance under APT (Advanced Persistent Threat) scenarios, with all products configured in monitoring mode only (prevention features disabled). Key aspects include:

  • Simulating APT attacks using various Tactics, Techniques, and Procedures (TTPs).
  • Monitoring for detections via active alerts in the management console or locally.
  • Applying threat hunting techniques to analyse telemetry data when immediate alerts are absent.
  • Utilizing the Empire framework in the initial 2025 phase for execution and evaluation.

This comprehensive approach ensures that the evaluation reflects the product's ability to detect complex attack vectors effectively.

"As attackers continuously refine their techniques, organizations must ensure that their security solutions can detect even the most advanced threats. Our new EDR Detection Validation Test provides an objective benchmark for evaluating these capabilities. Kaspersky's participation in this first-of-its-kind assessment underscores its commitment to transparency and continuous improvement in cybersecurity," said Andreas Clementi, CEO and Founder of AV-Comparatives.

"We value independent professional assessments of our enterprise security solutions, as they provide expert third-party insights into real-world capabilities and help us identify opportunities for further improvement. AV-Comparatives' new EDR Detection Validation Certification Test is one of such evaluations, and we were proud to be the first vendor to take on this challenge," said Alexander Liskin, Head of Threat Research at Kaspersky. He added, "Kaspersky Next EDR Expert successfully detected multiple attack techniques throughout the rigorous testing process, earning Certified status. This recognition reaffirms our commitment to delivering advanced, effective cybersecurity solutions that help organisations strengthen their defenses against evolving threats."

Kaspersky Next EDR Expert's Performance

Kaspersky's participation in this pilot test demonstrated its commitment to transparency and continuous improvement. The Next EDR Expert solution successfully detected multiple techniques employed in the simulated attack scenarios, achieving certification under AV-Comparatives' rigorous standards. This accomplishment underscores Kaspersky's dedication to providing robust detection capabilities against sophisticated threats.

Call to Action for Cybersecurity Vendors

AV-Comparatives invites all cybersecurity vendors to participate in the EDR Detection Validation Test. Engaging in this evaluation not only demonstrates a commitment to transparency but also provides valuable insights into product performance against advanced threats. Participation ensures that solutions meet the evolving security needs of organizations worldwide. Interested vendors are encouraged to contact AV-Comparatives to schedule their assessments. Jan Brilke, COO of AV-Comparatives, is happy to provide more information.

About AV-Comparatives

AV-Comparatives is an independent organization offering systematic testing to examine the efficacy of security software products and mobile security solutions. Utilizing one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. Certification by AV-Comparatives is globally recognized as a seal of approval for software performance. For more information, please visit

Contact: Peter Stelzhammer media@ +43512287788

SOURCE AV-Comparatives
