PL
PL

Norton

Producer Information

ico top recent results
NORTON
Norton logo 2021

Norton is one of the most recognizable brands in the digital security industry, owned by the American company Gen Digital Inc. It is the same company that develops Avast, AVG, Avira, and CCleaner solutions. Today, Norton offers much more than just classic antivirus software, including advanced protection and a firewall, unlimited VPN, password manager, Dark Web monitoring, and extensive identity protection features. The brand’s philosophy is based on an “all-in-one” model, i.e., a comprehensive security and privacy package that works on multiple platforms and devices.

Key features of Norton

Norton’s multi-layered real-time protection uses artificial intelligence and behavioral analysis to block both known and new threats before they can cause damage. This is complemented by advanced ransomware protection, which prevents malware from encrypting your files and allows you to recover them in the event of an attack.

Norton Sandbox is one of the key features that ensures safe execution of suspicious applications in a controlled, isolated environment, protecting your system from the risk of infection. You can test files, monitor their behavior, and rest assured that even newly discovered threats will not reach your operating system.

Digital identity management is top-notch here, as Norton not only protects login credentials and personal data, but also actively monitors the Dark Web for potential leaks. This ensures that users receive notifications before their data can be exploited by cybercriminals.

Noteworthy features tested in our lab include Intrusion Prevention System (IPS) and Smart Firewall, which protect the network against external attacks by blocking unauthorized connections and detecting attempts to exploit applications in the system.

Selected Awards

Certificates that confirm the high quality of software and effectiveness in protecting against threats and attacks in real time.

AVLab CERT Product of the Year 2026 1

The certificate is awarded to solutions that achieve a high level of security throughout the year in the Advanced In-The-Wild Malware Test.

see more
AVLab CERT Remediation Time 2026 1

The TOP Remediation Time award reflects the quick response to threats through the complete neutralization of the entire “life cycle” of malware in the year-round Advanced in-The-Wild Malware Test.

see more
AVLab CERT internet banking protection 2026

We award developers who perfectly respond to cyberattacks reproducing the theft of payment data, or even the manipulation of information by banking Trojans.

see more
avlab 2026 january

Advanced In-The-Wild-Malware Test

Results in January 2026

Tested on default settings + browser protection

Norton logo 2021
Norton Antivirus Plus
WEB-LAYER
100%
RUNTIME DEFENSE
0%

Blocked: 395/395
Total: 100%

WEB-LAYER PROTECTION: The classification concerns detecting malware samples before they are launched in the system.

RUNTIME DEFENSE: The analysis level, i.e. a virus has been run and blocked by a tested product.

SYSTEM COMPROMISE: The failure, i.e. a virus hasn’t been blocked and it has infected a system.

Remediation Time in a Nutshell

January 2026

6

seconds

Average Remediation Time of active threats

99

seconds

Fastest Remediation Time of one single threat

69

seconds

Longest Remediation Time of one single threat

15

data breaches

or active threats
after Remediation

Remediation Time (RT) Legend
The time expressed in seconds from the introduction of malware into the system by a browser, through the launch, to detection and reaction by product on a security incident. The Remediation Time may depend on the real activity of the malware, which may increase calculated time.

remediation time diagram
Remediation time vertical

Example indicators

We can completely automate security tests carried out. For instance, we are able to record events of blocking an attack by a specific technology implemented in a product. If a product reacts to a malicious modification of the system, this kind of information is saved in the Windows event log or the local logs of the protection solution. We can capture such modification using the Windows API. For example, the activity of moving a virus to quarantine or running malware in a sandbox will cause the reading of a relevant key from the Windows registry or executing an action by a process. Then, we can mark recorded indicators as a detected attack, a blocked network connection, or an infected file removal. Here are some example indicators:

 ESET Internet Security:

ANTIVIRUS INDICATORSDESCRIPTION
C:\ProgramData\ESET\ESET Security\Logs\virlog.datMalware was removed or cured
*AppData\Local\ESET\ESET Security\QuarantineMalware was quarantined
C:\ProgramData\ESET\ESET Security\epfwlog.datBlocking of traffic by a firewall
C:\ProgramData\ESET\ESET Security\Logs\urllog.datBlocking of malware on a website

See the previous results

You can always go back in time and check how each individual security product performed during previous editions of the test. We make the results from all previous tests available to you to verify if your favorite developer has improved protection against latest malware in his security software.

January 2026
November 2025
September 2025
July 2025
May 2025
March 2025
January 2025
November 2024
September 2024
July 2024
May 2024
March 2024
January 2024
November 2023
September 2023
July 2023
May 2023
March 2023
January 2023
november 2022
SEPTEMBER 2022
JULY 2022
May 2022
March 2022
January 2022
November 2021
September 2021
July 2021
May 2021
March 2021
january 2021
NOVEMBER 2020
september 2020
JULY 2020
MAY 2020
MARCH 2020
JANUARY 2020
NOVEMBER 2019
september 2019
JULY 2019

Menu

Tests

AWARDS