Xcitium

Producer Information

Xcitium is one of the leading providers of cybersecurity solutions to consumer and corporate markets. It offers next-generation products with patented technology, built on a genuine Zero Trust architecture, that protects against 0-day threats. Through virtualization sessions on the endpoint that contain all Unknown files and objects by default, it enables real-time prevention and defense against malware and ransomware. Xcitium solutions (formerly Comodo) are used by more than 5000 corporate customers and partners worldwide.

Key Features of Xcitium

Many industry indicators suggest that all cybersecurity vendors are trending toward earlier threat response in EDR-XDR solutions, but Xcitium ZeroDwell Containment is already at the very beginning of every endpoint system kill chain cycle. Containment is instantaneous, machine-speed virtualization of every Unknown, Undetectable file or object for immediate assessment: guilty till proven innocent.

Xcitium’s Zero Trust architecture prevents advanced attacks on an organization’s supply chain, among other benefits, such as preventing ransomware from accessing real resources and assets. Unknown files and objects (which have no known signature or hash) are subjected to additional machine analysis and manual verification by Xcitium Threat Labs human experts to harden environments against future attacks.

The Xcitium administration console includes a single-pane-of-glass dashboard that provides a quick overview of an organization’s security profile, including details about devices that do not comply with corporate security policies and devices with missing system and server updates. Built-in remote monitoring and management of the security plan restricts and controls access to data, networks, devices, users, applications, and the entire infrastructure, minimizing the future risk of a cyberattack to virtually zero.

Xcitium’s software is easily and quickly deployed to any device in a home or business without any significant impact on performance. End users and business operations are never interrupted by ZeroDwell Containment, and users enjoy a hassle-free cybersecurity experience: safe in every attack situation due to automated, patented technology that isolates Unknowns in a virtualization session. Contained attacks are no longer threats!

Xcitium Dashboard and Security Management Console

Selected awards

Certificates that confirm the high quality of software and effectiveness in protecting against threats and attacks in real time.

After completion of all editions of the test, we granted a special certificate for the highest level of protection maintained throughout the year.

The TOP Remediation Time award reflects the fast response to threats by completely neutralizing the entire malware lifecycle.

We awarded the certificate for the highest quality of protection against Internet threats in the Advanced In-The-Wild Malware Test.

The solutions awarded in the tests of EDR-XDR products are characterized by proven monitoring of the protected infrastructure along with full visibility of telemetry data from attacks.

The software had to provide the highest level of protection and security throughout 2021 to achieve this special certification.

Advanced In The Wild Malware Test

Recent Results in January 2024

Comodo Internet Security Pro
PRE-LAUNCH: 39.47%
POST-LAUNCH: 60.53%
Blocked: 380/380
Total: 100%
Tested on default settings.

Xcitium ZeroThreat Advanced
PRE-LAUNCH: 41.58%
POST-LAUNCH: 58.42%
Blocked: 380/380
Total: 100%
Tested on preset policy “Windows – Secure Profile v.8.1” + HIPS default action on “Block requests” + EDR enabled

PRE-LAUNCH: This classification references the detection of malware samples before they are launched in a live system.

POST-LAUNCH: This indicates an analysis level, i.e., an attack has executed and has been blocked by a tested product.

FAIL: This classification indicates a detection failure, i.e., an attack has NOT been blocked and has infected a system.

Remediation Time in a Nutshell

January 2024

Comodo Internet Security Pro
Average Remediation Time of an active threat: 90 seconds
Fastest Remediation Time of one single threat: 99 seconds
Longest Remediation Time of one single threat: 700 seconds
245 data breaches or active threats after Remediation

Xcitium ZeroThreat Advanced
Average Remediation Time of an active threat: 50 seconds
Fastest Remediation Time of one single threat: 99 seconds
Longest Remediation Time of one single threat: 600 seconds
245 data breaches or active threats after Remediation

Remediation Time (RT) Legend
The time expressed in seconds from the introduction of malware into the system by a browser, through the launch, to detection and resolution of a security incident. The Remediation Time may depend on the real activity of the malware, which may increase the time. Occurs only at the POST-Launch level.


Example indicators

We can completely automate the security tests we carry out. For instance, we are able to record the event of an attack being blocked by a specific technology implemented in a product. If a product reacts to a malicious modification of the system, this information is saved in the Windows event log or in the local logs of the protection solution. We can capture such a modification using the Windows API. For example, moving a virus to quarantine or running malware in a sandbox will cause a relevant key to be read from the Windows registry or an action to be executed by a process. We can then mark the recorded indicators as a detected attack, a blocked network connection, or an infected file removal. Here are some example indicators:

ESET Internet Security:

| ANTIVIRUS INDICATORS | DESCRIPTION |
| --- | --- |
| C:\ProgramData\ESET\ESET Security\Logs\virlog.dat | Malware was removed or cured |
| *AppData\Local\ESET\ESET Security\Quarantine | Malware was quarantined |
| C:\ProgramData\ESET\ESET Security\epfwlog.dat | Blocking of traffic by a firewall |
| C:\ProgramData\ESET\ESET Security\Logs\urllog.dat | Blocking of malware on a website |
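
The indicator matching described above, as an added example (not the test lab's own code): it checks constructed file-modification events against the ESET rows listed above and reports the earliest hit for a sample. The event tuples, the sample paths, and the rule that a hit also counts for files created beneath an indicator path are assumptions.

```python
from fnmatch import fnmatchcase

# Indicator rows copied from the ESET Internet Security list above.
ESET_INDICATORS = [
    (r"C:\ProgramData\ESET\ESET Security\Logs\virlog.dat", "Malware was removed or cured"),
    (r"*AppData\Local\ESET\ESET Security\Quarantine", "Malware was quarantined"),
    (r"C:\ProgramData\ESET\ESET Security\epfwlog.dat", "Blocking of traffic by a firewall"),
    (r"C:\ProgramData\ESET\ESET Security\Logs\urllog.dat", "Blocking of malware on a website"),
]

def match_indicator(path):
    """Return the description of the first indicator the path hits, else None."""
    p = path.replace("/", "\\").lower()  # Windows paths are case-insensitive
    for pattern, description in ESET_INDICATORS:
        pat = pattern.lower()
        # Assumption: an indicator also fires for files created beneath it,
        # e.g. an object stored inside the Quarantine folder.
        if fnmatchcase(p, pat) or fnmatchcase(p, pat + "\\*"):
            return description
    return None

def classify_sample(events):
    """events: list of (seconds_since_sample_download, modified_path).

    Returns (verdict, description, seconds) for the earliest indicator hit.
    """
    for seconds, path in sorted(events):
        description = match_indicator(path)
        if description:
            return ("BLOCKED", description, seconds)
    return ("NO INDICATOR", None, None)

# Constructed events for one test run (not real telemetry).
SAMPLE_EVENTS = [
    (42, r"c:\programdata\eset\eset security\logs\VIRLOG.DAT"),
    (3, r"C:\Users\test\Downloads\sample.exe"),
    (41, r"C:\Users\test\AppData\Local\ESET\ESET Security\Quarantine\item0001.bin"),
]

if __name__ == "__main__":
    print(classify_sample(SAMPLE_EVENTS))
```

A sample with no indicator hit is only a candidate failure: the harness still has to confirm whether the system was actually infected before recording FAIL.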

See the previous results

You can always go back in time and check how each individual security product performed during previous editions of the test. We make the results from all previous tests available so that you can verify whether your favorite developer has improved protection against the latest malware in its security software.
