To say there are a lot of security vendors saying a lot of conflicting and confusing things is an understatement. There is legacy antivirus, next gen antivirus, next gen endpoint firewalls, and next gen endpoint protection. Signatures have been replaced with mathematical algorithms and machine learning and behavioral detection. Tests have been replaced with marketing tours (unbelievable!) and vendors are touting their own results…using their own methodology. There is pre-execution, on-execution, post-execution detection.
Where does this leave us? Does any of it actually prevent malware from infecting endpoints and servers?
SentinelOne is a big believer in two things:
- Standard methodology and testing criteria and
- Third-party tests that validate how a said vendor performs under standard methodology and testing criteria.
SentinelOne just completed one of many tests you’ll see from us over the next few months. This one is a third party next gen AV test with MRG Effitas and AV-Comparatives. For malware protection, the test focused on four areas:
- RTTL: Response to the most prevalent malicious samples according to the AMTSO Real-Time Threat List
- AVC: Response to most recent and prevalent malicious samples in the AVC database
- WPDT: Performance on the top malicious websites compared to traditional business AV technology running in tandem
- FPs: Ability to parse through false positives
The results? SentinelOne performed in the top of the class with:
- 100 percent malware detection across all four categories
- 0 false positives
See the results for yourself here.
So just to clear the air, our prevention engine uses static-based machine learning to prevent malware attacks pre-execution, and behavioral-based machine learning to prevent malware, exploit and script based attacks that can’t be detected pre-execution. We can’t guarantee you won’t see any more marketing messages from us, but before you test your next gen endpoint vendors, please look to third-party methodology and tests. And as you can see from this latest test – malware protection, we got this.