MRG Effitas: ransomware protection test (April 2017)

In the era of attacks with the use of 0-day exploits, which were previously used by the NSA hackers (currently practically everyone has access to them), breaking into computers and devices around the world, protection of information systems and data is the most important issue. The individual user and the administrator in the company must secure all potential and least probable weaknesses, including such a non-obvious relationship that can be observed only after the tests are performed: the protection result may differ if we examine its effectiveness for a malicious file downloaded by browser (HTTP or HTTPS) and for the same file, but delivered using other protocols or ports: USB, SSH, SMB.

We have already written a lot about the ransomware threats. The MRG Effitas test should now be attached to this information.

Solutions that have achieved the best protection results:

  • Kaspersky Anti-Ransomware tool for Business (free tool)
  • Kaspersky Endpoint Security
  • Kaspersky Endpoint Security Cloud
  • ESET Endpoint Security
  • SentinelOne Next Generation Endpoint Security
  • Trend Micro Worry-Free Business Security Services
  • Trend Micro Xgen Endpoint Security

The list of tested security products was much longer:


According to its producer, the Panda Adaptive Defense 360 ​​solution was not yet ready for this test.

(1) the product was rejected due to the limited possibilities of protection,

(2) any requests to provide the license key did not materialize, therefore the product was rejected,

(3) the product was discarded due to problems with activation,

The types of ransomware threats that have been used to check protection:

  • Dharma
  • Troldesh
  • Guardian
  • Locky
  • Havoc MK II
  • Globe3
  • CryptoMix
  • Sage 2.0
  • Spore
  • Manifestus
  • philadelphia
  • Crypt0L0cker
  • CryptoShield

Only half of the tested products have achieved maximum protection results.

The best products that stand out from the competition are Kaspersky Lab's solutions. Both the free Kaspersky Anti-Ransomware Tool for Business and Kaspersky Endpoint Security Cloud as well as Kaspersky Endpoint Security showed 100% protection in all tests and received a certified ransomware protection badge. Trend Micro products have been characterized by excellent protection. Bitdefender Endpoint Security software obtained a slightly weaker result, which for one sample ransomware managed to stop the threat, but after encrypting a certain amount of test files.

In order to obtain a comprehensive image of protection against ransomware threats, we also recommend our study, in which we tested many more applications securing individual computers and workstations .



Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.