5 Key Takeaways From Independent Testing in 2024

Trellix Endpoint Security is rigorously tested by independent third parties. Here are 5 key takeaways from 2024, and how we performed.

With today’s threats increasing in volume, velocity, and sophistication, in part due to attackers using artificial intelligence, protection measures are more critical than ever. At Trellix, we take third-party testing seriously, as it’s an opportunity to have our solutions independently evaluated for performance impact and efficacy across Windows, Linux, and macOS platforms. This year, several organizations including AV-TEST, SE Labs, and AV-Comparatives assessed Trellix’s protection capabilities, that is, how good we are at stopping threats before they have a chance to execute. We also participated in the MITRE ATT&CK evaluations, which are primarily focused on detection of attacker tools, techniques, and procedures. As attacks have become more sophisticated, we believe it’s important to evaluate both aspects of endpoint security, as there is no silver bullet when it comes to protecting users and devices. Here’s what we saw in 2024:

Highlights and key trends

  • Consistent Protection: Trellix demonstrated a steady enhancement in protection capabilities, achieving perfect scores in both AV-TEST and SE Labs evaluations by the end of 2024.
  • Low False Positive Rates: AV-Comparatives' tests show a reduction in false positives, reflecting Trellix's precision in threat detection. Less noise means fewer investigations and a more productive security team.
  • High Usability: Maintaining perfect usability scores across evaluations indicates Trellix's minimal impact on endpoint performance and the user experience.
  • Enterprise Reliability: We scored a 100% Total Accuracy Rating in SE Labs' assessments, which highlights Trellix's reliability in enterprise environments. We’re built for organizations operating across diverse environments, whether on-premises, cloud, or hybrid.
  • Comprehensive Threat Coverage: Participation in MITRE's ATT&CK Evaluations underscores Trellix's commitment to addressing a wide range of threats, including ransomware and macOS-targeted attacks.

While we have been stopping threats for over 20 years, attackers today are more motivated than ever before. In addition to reducing the attack surface at your organization and stopping threats before they can execute, detection is a top priority for Trellix as we are focused on discovering attacker tactics, techniques, and procedures (TTPs) that have bypassed defenses and are attempting to gain a hold.

Trellix consistently achieves high detection and protection rates

Across all tests, whether AV-Comparatives, AV-TEST, SE Labs, or MITRE, Trellix consistently achieves high scores. When you step back and look at these tests collectively, they are evaluating endpoint security from multiple facets, whether performance, efficacy, or operating system. This consistency demonstrates Trellix’s reliability in identifying and mitigating threats effectively, positioning it as a robust solution for businesses.

| Category | AV-Test Results | AV-Comparatives | SE Labs | Comments |
|---|---|---|---|---|
| Detection Rates | 100% protection and usability; high scores for all operating systems | 99.0% in Real-World Protection (Aug-Nov 2024); 99.5% in Malware Protection (Sep 2024) | 100% protection accuracy | Strong, consistent detection and protection capabilities across all third-party tests |
| False Positives | None | 13 false positives (Real-World Protection); zero on common business software | No false positives recorded | False positive rates are low, indicating reliable detection accuracy |
| Performance Metrics | High performance ratings | Impact Score: 22.5 (mid-range); outperformed CrowdStrike (33.6) | Performance impact not evaluated in SE Labs testing | Performance is consistently reported as acceptable for business environments |
| Methodology Insights | Focuses on protection, usability, and performance categories | Includes competitive analysis, missed samples, and longitudinal trends | Detailed longitudinal analysis, historical trends, and false positive breakdowns | |

1. Consistently rising high accuracy for enterprise protection

SE Labs evaluated Trellix Endpoint Security’s enterprise solutions throughout 2024. The Total Accuracy Ratings offer a compelling narrative of continuous improvement:

  • January-March: 99%
  • April-June: 100%
  • July-September: 99%
  • October-December: 100%

Achieving a perfect score by year-end reflects Trellix’s ability to continuously adapt and refine its approach to threat protection and mitigation as the threat landscape evolves. These ratings confirm that Trellix is a trusted ally for enterprises seeking comprehensive protection.

In addition to SE Labs, Trellix detected 100% of threats across macOS in the latest MITRE ATT&CK Evaluations. In the AV-Comparatives Real-World Protection test, Trellix has consistently scored 99.0%, and also 99.5% in AV-TEST's Malware Protection tests.

2. Low false positive rates enhance usability

A low false positive rate minimizes unnecessary investigations and frees up security analysts’ time, which leads to improved operational efficiency. False positives need to be treated as real threats, and often end up requiring additional work of reporting or creating rules around them.

Trellix recorded few false positives in tests that evaluated this, such as AV-Comparatives tests for non-business files, and zero false positives for common business software compared to other solutions. SE Labs also supports this with 100% legitimate accuracy and zero false positives.

AV-Comparatives: Precision and Low False Positives in both tests:

March-June:
Malware Protection Rate: 98.2%
False Alarms on common business software: 0

August-September:
Malware Protection Rate: 99.5%
False Alarms on common business software: 0

These results highlight two critical aspects of a security solution: precision in detecting malware and accuracy in avoiding false alarms. Trellix’s improvement in these areas underscores its focus on refining detection algorithms and minimizing disruptions for legitimate software. As we move into 2025, Trellix will continue to refine our detection and protection mechanisms.

3. Low system performance impact

Trellix balances robust protection with system performance. While this has always been important, the global tech outage that occurred on July 19, 2024 really brought this to light.

While different security vendors take different approaches to architecture, security content, and code updates, Trellix takes a "responsible security approach" built on transparent architecture, capabilities, and operations. This means we do not load security content into the kernel, and as such have less impact on the system.

In AV-Comparatives’ performance testing, Trellix’s Impact Score of 22.5 places it among the better-performing solutions, outperforming heavier solutions like CrowdStrike (33.6) and Sophos (34.1).

4. Strong performance on macOS and Windows platforms

Trellix’s effectiveness on multiple operating systems makes it a versatile choice for organizations with diverse IT environments. In our blog macOS Malware Surges as Corporate Usage Grows, we highlight how threat actors such as the DPRK are targeting macOS. Additionally, we successfully detected 100% of macOS attacks in the latest MITRE ATT&CK Evaluations.

AV-Test highlights Trellix’s performance on macOS (100% protection and usability) and Windows (consistent high protection ratings). These results are echoed in AV-Comparatives and SE Labs tests, confirming cross-platform reliability.

Performance on macOS: A Year of Consistency and Growth

March 2024: The Starting Line

AV-TEST’s March 2024 evaluation of Trellix Endpoint Security (version 36.20.0) for macOS Sonoma delivered solid results:

  • Protection: 6 out of 6
  • Performance: 6 out of 6
  • Usability: 6 out of 6

These scores indicated a strong start to the year. While protection was perfect, Trellix demonstrated a balance between safeguarding users and maintaining system efficiency. The perfect usability score highlighted our seamless integration into daily operations without hindering user experience.

June and August evaluations: Consistency Across Versions

Trellix ENS was tested on Windows 10 in both June and August 2024, delivering consistent results both times:

  • Protection: 5.5 out of 6
  • Performance: 5 out of 6
  • Usability: 6 out of 6

These evaluations demonstrated steady reliability, balancing effective threat detection with minimal system impact.

September 2024: Reaching New Heights

By September, Trellix had raised the bar in AV-TEST.

  • Protection: 6 out of 6
  • Performance: 5 out of 6
  • Usability: 6 out of 6

This improvement in protection showcased Trellix’s dedication to staying ahead of emerging threats. Maintaining high usability and performance scores solidified its reputation as a reliable security solution for macOS users.

Windows 11: October Evaluation

For Windows 11, Trellix’s protection score improved to a perfect 6 out of 6 in October. Performance and usability remained consistent at 5 and 6, respectively. This marked a notable milestone, indicating that Trellix’s solutions are not only adaptive but also scalable across different operating systems.

5. Comprehensive methodology adds value

Whether it’s AV-Test, AV-Comparatives, MITRE, or SE Labs, each test on its own is valuable. However, the true value comes when you step back and look at the consistent trends, and where each is different. Trellix’s performance in these detailed tests underscores its ability to deliver real-world protection in evolving threat landscapes. The addition of measuring false alarms and performance impact on endpoints is an important decision for any organization looking at endpoint security.

A final note

Regardless of how big or complex your company's environment is, a reliable endpoint security solution from Trellix is essential to safeguarding employees and your data. We’re incredibly proud of our consistent results and look forward to crushing it again in 2025! 

SOURCES:

https://www.av-test.org/en/antivirus/business-macos/macos-sonoma/march-2024/trellix-endpoint-security-36.20.0-246105/
https://www.av-test.org/en/antivirus/business-macos/macos-sonoma/september-2024/trellix-endpoint-security-36.20-246305/

https://www.av-test.org/en/antivirus/business-windows-client/windows-11/october-2024/trellix-endpoint-security-10.7-242521/
https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2024/trellix-endpoint-security-10.7-242422/ 
https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2024/trellix-endpoint-security-10.7-242322/

https://www.av-comparatives.org/tests/business-security-test-august-september-2024-factsheet/
https://www.av-comparatives.org/tests/business-security-test-2024-march-june/

https://selabs.uk/wp-content/uploads/2024/12/endpoint-security-eps-enterprise-2024-12.pdf
https://selabs.uk/wp-content/uploads/2024/11/endpoint-securtiy-eps-enterprise-2024-09.pdf
https://selabs.uk/wp-content/uploads/2024/07/endpoint-security-eps-enterprise-2024-07.pdf
https://selabs.uk/wp-content/uploads/2024/07/endpoint-security-eps-enterprise-2024-04.pdf

https://attackevals.mitre-engenuity.org/results/enterprise?vendor=trellix&evaluation=er6&scenario=1&view=individualParticipant
https://attackevals.mitre-engenuity.org/results/enterprise?vendor=trellix&evaluation=er6&scenario=2&view=individualParticipant
https://attackevals.mitre-engenuity.org/results/enterprise?vendor=trellix&evaluation=er6&scenario=3&view=individualParticipant
