Summary of Advanced In-The-Wild Malware Test
The purpose of this summary is to recognize the developers whose software participated in the research initiated by the AVLab Cybersecurity Foundation in 2024. The awarding of a special “Product of the Year 2025” award is an excellent opportunity to encourage individuals in IT managerial positions, heads of technology and security, who need to implement appropriate standards and procedures to ensure digital security with the best solutions.
In preparing the year-long test summary, we want to reward manufacturers in two categories. The first category is the “Product of the Year 2025” award, which recognizes products that offer robust protection of the Windows operating system from a comprehensive perspective. This award emphasizes the behavior of the user who browses the Internet, downloads, and runs unknown, potentially malicious files.
The second award is the “TOP Remediation Time 2025” certificate, which is awarded for rapid remediation of malware once it has entered the system and is running. The TOP Remediation Time award recognizes an effective and timely response to malware that encompasses the entire life cycle of the malware – from the moment the sample enters the system to the removal of malicious activity, such as restarting the operating system or restoring data through the rollback feature.
The Advanced In-The-Wild Malware Test series is one of the most rigorous and meticulous tests available, revealing the protection product’s capabilities against real-world threats that infiltrate computers through spam, instant messaging, or Web sites.
Our testing procedures involve evaluating solutions either on default settings or with additional security features enabled. If we determine that additional features should be activated or are required by the software manufacturer, we always include a note in the report after each test edition.
The following criteria will be used to determine the winners
To be considered for the Product of the Year 2025 certificate, the tested solution had to meet specific criteria:
- First, the solution had to participate in at least three editions of the Advanced In-The-Wild Malware Test. These tests are performed six times per year.
- Secondly, obtain 3x EXCELLENT certification, demonstrating a minimum of 99% protection effectiveness.
Additional TOP Remediation Time 2025 certification:
The software must neutralize all threats in at least three editions of the test and obtain a score of 100%. If the solution has been tested more than three times, we will consider the three results with the lowest average Remediation Time score.
What is the testing process? Information in a nutshell
The Advanced In-The-Wild Malware Test (see more details here) is a long-term analysis with the primary goal of verifying the effectiveness of tested solutions against malware in real time. In this test, we evaluate business versions of security products, which are often equipped with advanced EDR-XDR modules used to automatically hunt for threats along with remediation functionality for attacks. Additionally, we evaluate software versions tailored for individual users. In summary, we replicate a person’s Internet browsing behavior after installing security software on Windows. This is the most common scenario in which individuals can fall victim to social engineering and inadvertently download malware to the system.
Real samples of in-the-wild malware from real URLs are selected for the test, so the test is most beneficial for all recipients and manufacturers that participate in the study. At the conclusion of each edition, a comprehensive technical report is published detailing the threat detection and blocking methods used. In addition, using Windows systems in graphical mode, the test evaluates the real-world protection provided by the product, taking into account the remediation of each incident.
Award „Product of The Year 2025”
Additional TOP Remediation Time 2025 certification
A summary of the Advanced in-the-wild malware test
