Kaspersky Lab announces the results of the first comparative testing in the industry of Application Control functionality – contained in its corporate security tandem Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center – conducted independently by West Coast Labs. Since the testing lab’s previous testing, in which both the effectiveness and fullness of Kaspersky Lab’s Whitelisting database were evaluated, the tester’s subsequent research has proved the overwhelming superiority of Kaspersky Lab’s Application Control implementation in real-life simulations when compared with competing solutions. Based on an overall evaluation of Kaspersky Endpoint Security 8 for Windows, West Coast Labs awarded the solution its Platinum Product Award.
The overall test results and the benefits of Application Control technology from Kaspersky Lab are summarized in an infographic, available here.
Application Control, a crucial part of any corporate security solution, is aimed at taking the safety of corporate IT infrastructure to the highest level possible. By utilizing the well-designed Whitelisting database, it provides the possibility of implementing a new “Default Deny” approach wherein employees are allowed to run only programs known to be legitimate. In order to make a Default Deny scenario possible, the security solution needs to access the high quality Whitelisting database, which contains complete, up-to-date information about the majority of legitimate programs in existence.
In order to conduct this testing West Coast Labs created a universal methodology with over 40 test cases simulating usage of Whitelist and Application Control technologies in real life situations, including creation and management of customized whitelists, management of Application Control, granular control policies, and Whitelist and Application Control Administration Rights Management. Separate tests were also conducted on the programs’ audits of both event monitoring and event reporting, and overall ability to administer Whitelist and Application Control functionality.
A special system of weights was applied in order to properly evaluate the quality of feature implementation in every case. In total, seven vendors were invited to participate in the testing, although three (Lumension, Bit9 and Coretrace) declined. Besides Kaspersky Endpoint Security 8 for Windows managed by Kaspersky Security Center, corporate security solutions from Symantec (Endpoint Protection 12.1) and McAfee (Solidcore Application Control 5.20 with ePolicy Orchestrator 4.6) took part in the evaluation. Another well-known security software vendor took part in the testing, but upon completion requested that its name and results not be published.
The test results were presented as percentages of a theoretical maximum score. The final result for Kaspersky Lab’s solution in Application Control testing was 91%, while the next best solution achieved just 81%. The third vendor scored 56%. The average score in this evaluation was 76%.
Default Deny scenario implementation was tested separately and Kaspersky Lab’s solution was awarded a 100% score, based on the accuracy of the Whitelisting database contents and superior level of manageability of the Application Control policies and administration rights. The solution from the second best vendor got 85%, and third vendor got 37%. The average score in this testing was 74%. A total of 20 test cases was used in this evaluation.
Commenting on the testing, Vladimir Zapolyansky, Head of Independent Software Vendor Relationships at Kaspersky Lab, said: “We are fully confident that our Whitelisting technology and Application Control functionality offer superior levels of security for corporate customers. Therefore, we were not afraid to have our technology tested by this reputable, independent testing lab, with its detailed, real-world-resembling methodology - the first of its kind. The comparative testing of Application Control indeed reveals that Kaspersky Lab’s approach is industry-leading, but the 100% result in the Default Deny test is what we consider to be even more important. The analysis by West Coast Labs objectively proves that right now we are the only vendor to fully support this scenario, which can significantly increase security for our current and future customers.”
The full report of the Application Control and Default Deny scenario testing is available at West Coast Labs’ website: summary and full version.