RSA CONFERENCE - McAfee today announced that it has received high marks from NSS Labs in two recently published corporate endpoint protection reports. McAfee’s core endpoint anti-malware products (McAfee VirusScan Enterprise, McAfee Host Intrusion Prevention and McAfee Site Advisor Enterprise) achieved the highest block rate and an overall score of 97 percent of all threats being blocked in the exploit protection test of the NSS Labs Corporate End Point Security Detection report. Additionally, in the NSS Labs Corporate End Point Security Evasion test, McAfee’s endpoint suite blocked 100 percent of the five tested (and commonly used) evasion techniques.
“McAfee is committed to providing the highest quality products to help keep our enterprise customers protected from emerging threats,” said Candace Worley, senior vice president and general manager of Endpoint Security at McAfee. “The NSS Labs test results demonstrate the need for multiple levels of protection on the endpoint and validate McAfee’s Security Connected approach. McAfee is uniquely positioned to deliver comprehensive protection across the endpoint with industry leading solutions which have been rigorously tested and proven best in class.”
NSS Labs, a leader in independent security product testing and research, is known to conduct some of the most comprehensive third-party testing in the industry, providing real-world research and analysis to enterprises, government agencies and organizations of all sizes. Most third party tests measure straight detection of known files. The NSS Exploits test is one of the few that goes beyond this to judge a product’s day zero protection.
According the NSS Labs report, “The ability to block exploits is one of the most significant tasks required of EPP products. When a new vulnerability is exploited, not only can malware, known or unknown, be silently installed, criminals can manually take over the exploited computer thereby evading signatures and heuristics designed to detect malicious code. If an EPP can block an exploit it has effectively blocked any and all malware that the exploit may attempt to execute or install. The ability to catch the payload an exploit delivers has value but provides far less protection than blocking the exploit itself.”