Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) solutions are derived from multi-layered endpoint protection. Their role is real-time monitoring of operating systems and applications in the cloud. They take proactive threat hunting, including Indicator of Compromise (IoC) artifacts, to a higher level. This can mean that a secured business will receive more useful feedback from endpoints, helping to identify the source of attacks and better protect the entire network.
EDR-XDR is designed to improve visibility into the flow of information across the entire infrastructure. Telemetry covers not only endpoints, but also Amazon Web Services cloud systems, Microsoft Azure, mobile devices, IoT sensors, Web 2.0 applications, and even edge devices.
Through an independent evaluation of solutions equipped with EDR-XDR modules, we confirm their effectiveness in detecting and responding to advanced attacks (APTs). The test is conducted in a simulated environment. The goal of the test is to provide as much detail as possible about the solution when responding to attacks and threats. The feedback can be used to improve software and better secure endpoints.
The test covers the following areas:
The evaluation of the tested solutions is addressed to developers and companies that are looking for comprehensive protection of all devices in the network. The test ends with a certificate, and the results and conclusions can help you choose the solution that best meets the needs of your organization.
The final report can indicate the strengths of the product, and additionally shows whether the solution meets certain standards. This will have a positive impact on customer decisions related to product selection.
Initial preparation of Windows security breach scenarios.
Setting up the test environment and verifying that the simulated attacks are working correctly.
Conduct a targeted investigation taking into account the visibility of attacks and threats in telemetry.
The test examines the ability to automatically respond to threats, such as isolation of infected devices, blocking communication, and automatic repair.
We verify the correct operation of manual incident management.
We provide and discuss technical details.
Emsisoft Enterprise Security + EDR: default settings
Eset Protect Elite + XDR: default settings + all rules for EDR enabled
Metras + EDR: default settings
Microsoft Defender for Business + EDR: default settings
Xcitium Advanced + EDR: predefined policy 8.1
Join the developers certified by the independent organization.
Use the certificate for marketing purposes, e.g. place it on your website, promote your company in a magazine, allow potential customers to see that you own a reputable solution.
Safely test out your solution in a controlled environment.
Receive feedback and improve the effectiveness of your security product.
Setting priorities, presenting our capabilities, and terms of cooperation.
If the solution requires a license or appropriate configuration, the developer must provide details.
Test a product in a configured environment.
We have been dealing with testing and cybersecurity since 2012. During this time, we have performed hundreds of tests that have allowed us to improve the products of the largest developers on the market.
We are affiliated with the prestigious AMTSO (Anti-Malware Testing Standards Organization) which upholds the standards of conducting security tests. As part of our functions in the international community of experts, we work on improving the transparency, objectivity, and quality of security software tests.
View one of AMTSO’s latest compliance reports
We invite all interested developers and providers of security solutions for individual customers and for medium and large companies to work with us. We encourage you to get familiar with our offer and opportunities for cooperation.