Malware, exploits, evasion? No problem.

We’re excited to share that Cortex XDR™ achieved an overall “AA” rating in the NSS Labs 2020 Advanced Endpoint Protection (AEP) Test. These results are objective evidence that Cortex XDR delivers top-tier prevention on top of the industry-leading threat detection it demonstrated in a MITRE ATT&CK™ evaluation.

Download the report Read the blog

What is the NSS Labs AEP Test?

NSS Labs is a globally trusted source of independent cybersecurity guidance based on extensive product testing. Using their Advanced Endpoint Protection Test Methodology v4.0, NSS Labs tested leading endpoint security products against a wide array of attacks, including malware, exploits, blended threats, unknown threats, evasions, handcrafted attacks and resistance to tampering. Findings were graded on an ascending scale from “D” to “AAA” in separate capability categories, which were averaged for an overall score.

Cortex XDR received an “AA” overall rating, which no other vendor in this test surpassed.

Highlights

Manageability: AA Cortex XDR was praised for its extensive and flexible management console, which is lightweight and easy to deploy without disrupting ongoing operations. NSS Labs also lauded the solution’s logging, alert handling and reporting functions – cornerstones of the incident management capabilities Cortex XDR is known for.

False positives: AA When security tools block access to legitimate software and websites, it can be extremely disruptive to business users and processes. NSS Labs mixed legitimate application traffic in with their attack techniques throughout the test. Cortex XDR was able to distinguish between malicious and benign processes with ease, correctly identifying 99.5% of false positives.

Drive-by exploits: AA Cortex XDR blocked 98.4% of drive-by exploits – attacks that target user endpoints and cause users to unintentionally download malware. Drive-by exploits use techniques like deceptive pop-ups and website redirects to trigger automatic download and execution of malicious code.

Malware: AA Malware is still the most widespread cybersecurity threat to enterprises, with millions of new samples generated every year. Cortex XDR showcased exceptional protection against malware, whether delivered via email (blocking/detecting 99.2% of samples) and via HTTP (99.3%).

Resistance to evasions: AAA Using techniques such as process injection (where malicious code is injected into a trusted process), NSS Labs attempted to disguise attacks at the point of delivery to avoid detection, just as a real-world threat actor would. Cortex XDR blocked 100% of evasion attempts.