Sophos takes top spot in new exploit protection survey, beating 8 other vendors

Sophos blocked 34 out of 35 exploits tested, while the next highest score was 22 out of 35 in a new report by MRG Effitas, a UK-based IT security research firm that provides efficacy assessment and assurance services to organisations around the world.

Most of the vendors whose solutions were tested in the survey “weren’t even able to stop half of the exploits that Sophos was able to stop,” with Sophos ranking top in thee areas – exploit prevention, malware protection and potentially unwanted application (PUA) prevention.

The results of the just-released test is a follow-up to MRG’s previous report on malware protection where Sophos again took top spot for both malware protection and potentially unwanted application (PUA) protection.

(As can be seen from image, Sophos far outperformed other vendors at stopping exploits: Level 1 means that the product blocked the exploit, and Level 2 means that the exploit was missed but the attack was stopped via other methods).

Exploits are the techniques that attackers use to gain access and control of computers. Common bugs and vulnerabilities found in popular, legitimate software can be leveraged as exploits to steal data, hold files for ransom (ransomware), perform reconnaissance, or simply to deploy malware.

Attackers rely on exploits the same way video game characters rely on their weapons toolkits: without them, it would be like going into battle unarmed. And despite being extremely popular for attackers, many defenses remain vulnerable to exploits, since the software often being exploited – Microsoft Office, Adobe Reader, and the like – is generally considered “safe” by security products.

On its blog, Sophos stated: “This would seem to make exploit testing a no-brainer for vendor comparison services. The problem, however, is that due to the constantly evolving nature of software vulnerabilities, exploit-based attacks are some of the most difficult scenarios to test.”

However, MRG Effitas managed to develop reliable and repeatable exploit testing scenarios and has recently released its “Exploit and Post-Exploit Protection Test” report. Commissioned by Sophos, the report compares the exploit-stopping abilities of nine different endpoint products, from nine different IT security vendors (as listed in the image above).

Leave a Reply

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.