“As cyberattacks evolve, detection can’t be a checkbox. Our 2025 EDR/XDR Certification helps CISOs assess how effectively their tools uncover stealthy, real-world threats.”- Andreas Clementi, ceo and founder, AV-Comparatives
This independent evaluation tested enterprise cybersecurity solutions under advanced threat scenarios. The goal: to assess their ability to detect and report real-world attacks with precision and visibility.
Unlike, e.g. the EPR Test, which focuses on prevention, the EDR test simulates complex attack scenarios to assess how well a product detects and logs each stage of an intrusion, providing insights into its visibility, telemetry quality, and threat detection precision. Threat visibility based on threat hunting capabilities is also considered.
AV-Comparatives is pleased to announce that five out of seven solutions have achieved certification so far under our transparent and rigorous methodology.
Cyber Technology Insights : Integris Amplifies Position as a Leading Future-Ready MSP with Strategic Acquisition
Certified Products – EDR, XDR and MDR Solutions
The following products earned certification in the 2025 test round
CrowdStrike Falcon Pro
ESET PROTECT Enterprise Cloud
G DATA 365 MXDR (MDR solution)
Kaspersky Next EDR Expert (in the pilot test)
Palo Alto Networks Cortex XDR Pro
One Methodology for EDR, XDR and MDR
While initially designed to evaluate EDR and XDR capabilities, the test can equally be applied to MDR (Managed Detection and Response) offerings. In this round, G DATA successfully participated with their MDR solution, demonstrating that even managed offerings can be assessed under realistic, controlled attack conditions.
Cyber Technology Insights : Ozobot and CYBER.ORG Partner to Bring Cybersecurity Learning to Life for K-5 Students
A Focus on Real-World Visibility
This evaluation simulates Advanced Persistent Threat (APT) attacks, using known Tactics, Techniques, and Procedures (TTPs) from frameworks such as MITRE ATT&CK. All products were tested in monitoring mode only, meaning prevention features were disabled. The goal: to measure how well threats are detected and reported, not blocked.
Highlights of the methodology:
Execution of complex attack chains
Validation of detections via alerts in the management console or through manual threat hunting in telemetry
Transparent certification model: only products meeting the detection threshold are certified and publicly listed
Methodological Improvements and the Road Ahead
The 2025 test incorporated feedback from independent analysts, resulting in greater transparency, enhanced scoring, and deeper telemetry validation. Further enhancements are planned for the 2026 certification test.
The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. Certification offers vendors industry recognition and deep technical insight into their solution’s real-world performance.
Cyber Technology Insights : Zentera Systems Showcases Virtual Chamber Defense to Counter Airport Cyberattacks
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: prnewswire
