• Article
  • January 19, 2022

5 reasons why independent efficacy testing of antivirus brands is important

With security and data breaches hitting the headlines daily and ransomware attacks being cited as an immediate danger to businesses, effective cybersecurity and antivirus protection has never been more needed.

With increased demand comes increased supply and there are now a myriad of antivirus software brands and endpoint protection products in the market to choose from.

But as a consumer, how do you know what works well and what doesn’t?

And as a vendor, how do you cut through the noise and claims of the competition to stand out as a highly effective, user-friendly option that will keep business and people protected?

Independent efficacy testing and certification by a trusted and objective third party is one way to prove your product works and here are 5 reasons why!

That which is measured gets improved.
There is a well know quote from Karl Pearson, the father of modern statistics that states, “That which is measured gets improved. That which is measured and reported improves exponentially.”

Regular measuring, testing, benchmarking, and reporting keeps a focus on quality and produces feedback and insight that contributes to the continuous improvement of the product or service.

As part of our testing and the ensuing dispute process, MRG supplies participants with feedback on failed samples, bugs, and anomalies. We identify missed samples and supply screen shots, testing logs and hashes that give valuable insight into the performance of the software and areas for improvement.

“Our testing is as much about quality assurance and supporting vendors with continuous improvement, as it is about certifying and rubber-stamping a software’s efficacy.”

Chris Pickard, MRG’s founder and CEO

3rd Party efficacy testing is rigorous, independent, and impartial
There is an enduring misconception in some quarters that efficacy testing is a ‘pay-to-play’ affair, but the best testing labs adhere to the rigorous industry standards laid down by AMTSO, the Anti Malware Test Standards Organisation.

Many companies undertake in-house efficacy testing, but using an external, independent third-party lab for testing ensures the product is tested objectively from every angle in ‘real world’ scenarios and gives an authentic benchmark of a product’s efficacy.

Our ongoing 360° quarterly testing puts leading AV brands through continuous rigorous efficacy assessments against the latest ‘In the Wild’ malware, trojans, backdoors, spyware, financial malware, ransomware, and “other” malicious applications.

Our team of engineers are an unforgiving bunch, so if an AV vendor achieves the MRG 360° Certification, you can be sure it’s a best-in-class product. You can read our latest assessment reports here.

Software is subjected to the freshest malware samples and a full range of threats and exploits
As a leading supplier of malware, URLs and exploits, we supply over 250,000 malicious samples per day to vendors, testers and for training machine learning. Many of these samples are less than 24 hours old.

In addition to applying the newest malware, our 360° assessment tests the capabilities of the participating security applications with a full spectrum of attack vectors.

As part of our In-The-Wild assessment, trojans, backdoors, spyware, financial malware, ransomware and “other” malicious applications are all used. Alongside the traditional In-The-Wild (ITW) file-based attacks, our evaluation also includes scenarios where fileless cases and exploitation techniques, live botnets and financial malware simulators are applied.

Besides the malicious attacks, to evaluate the practical accuracy of AV products, they are exposed to potentially unwanted applications (PUA or Greyware) and clean files (FP) to gauge whether they will be flagged as ‘false positives’.

Testing is carried out in ‘real world’ scenarios against ‘metrics that matter’
When conducting tests, we try to simulate normal user behaviour. We are aware that a ‘Real World’ test cannot be conducted by a team of professionals inside a lab because we understand how certain types of malware work, how campaigns of organised malware attacks are conducted, and how such attacks could be prevented.

Simulating normal user behaviour means that we pay special attention to all alerts given by security applications. A pass is given only when alerts are straightforward, and clearly suggested that the malicious action should be blocked.

A security product’s ability to block initial infection is not the only metric that matters. Measuring the time taken to detect malicious files or actions is another crucial metric.

Measuring initial detection rates and the time taken to detect active malware is particularly important in today’s threat landscape with the mix of malware that is prevalent. Since the longer a cybercriminal can run their malware on a system, the greater the opportunity is for them to be able to capture private user information, including banking logins and social media credentials, etc, or to encrypt user data.

Initial detection is of the utmost importance since the vast majority of security solutions will be unable to remediate the problem of an encrypted system.

And besides its security capabilities, our assessment measures the footprint each security software has on a computer’s performance.

Reputation and a demonstrated commitment to quality, product improvement and efficacy
When a vendor subjects their products to rigorous, independent testing by a lab like MRG Effitas, it shows confidence in the product and assures the user that their endpoint protection works.

Participation in our quarterly 360° Efficacy Testing panel publicly demonstrates a vendor’s commitment to quality, efficacy, and continuous improvement.

The MRG Effitas certification is valued by vendors, users, investors, researchers and advisers around the world, including Gartner and Forrester.

Privately we work with companies to test and certify protection products prior to launch.

We are also often commissioned by venture capitalists and corporate investors considering investing or acquiring endpoint protection firms, or by growth tech companies considering an IPO or taking investment.

MRG’s certification gives all parties the validation and proof that the product is effective, lives up to its promises and is a safe investment.

“Testing labs around the world challenge antivirus products with real-world scenarios and in-the-wild viruses… If a product gets high marks from these labs, I feel confident that it’s an effective protector against malware.”

Neil J. Ruebenking, PCMag

MRG Effitas – the de facto standard in independent efficacy testing
Get in touch today to see how MRG can support your quality assurance, marketing and reputation through testing and certification.

You can also subscribe to receive copies via email of our free 360° reports as soon as they are published.