| 11 November 2016
PALO ALTO, Calif.: SentinelOne has announced that it outperformed competition in a new assessment by MRG Effitas and AV-Comparatives (AVC) for anti-malware testing. SentinelOne was also approved as a next-generation security solution and added as a member to the Anti-Malware Standards Testing Organization (AMSTO). The independent test is the first of its kind, focusing on specific criteria tied to next-generation capabilities.
"SentinelOne performed in the top tier among the next-generation endpoint protection vendors in anti-malware testing," said Andreas Clementi, CEO and founder of AV-Comparatives. "We view this as a positive direction for the industry, as these technologies that utilize advanced behaviour techniques and machine learning show good prevention and detection capabilities."
“Next-generation” has been a vague term, especially in security. For endpoint protection, it signifies that a solution works on a different principle than traditional antivirus software but what this exactly entails still remains nebulous. Despite how unclear it is whether “next-gen” vendors can truly do a better job than their predecessors, testing criteria have barely changed. Tests have historically focused on file-based (PEs and DLLs) malware while excluding fileless malware and scripts—which are increasing in prevalence today. Fortunately, that’s finally beginning to change as third-parties like MRG Effitas, AV-Comparatives and NSS Labs evolve their testing methods to account for the new realities of the threat landscape.
The review format included assessments of the management console, layout, deployment, monitoring, response, updates and more. For malware protection, the test focused on four areas:
● RTTL: Response to the most prevalent malicious samples according to the AMTSO Real-Time Threat List
● AVC: Response to most recent and prevalent malicious samples in the AVC database
● WPDT: Performance on the top malicious websites compared to traditional business AV technology running in tandem
● FPs: Ability to parse through false positives
Among the endpoint security products tested, SentinelOne performed top of class achieving 100% prevention across RTTL, AVC and WPDT. The company accomplished this with zero false positives.
“This is a testament to the hard work we’ve put into the SentinelOne platform since we embarked on our mission to change the way businesses protect themselves from the latest advanced attacks,” said Tomer Weingarten, CEO of SentinelOne. “For too long, companies have touted machine learning capabilities, automation and more, but what we are finding out is that is primarily marketing jargon with little to no real benefit to customers. As an industry, we need to provide updated, third-party validated, benchmarks so that customers can make informed decisions against the realities of today’s threat landscape”
The test also found that SentinelOne’s platform is intuitive and simple to use—including analysis capabilities that allow administrators to clearly identify each event in an attack. Additionally, it enables group-based policies that triggers automated responses, from alert to kill in real-time.