CylanceENDPOINT Proven as the Most Effective and Efficient EPP, Again
Which EPP (endpoint protection platform) delivers the greatest protection and best performance in 2024? Independent testing confirms CylanceENDPOINT™ is the most secure and most resource efficient EPP when compared to key market competitors.
The new analysis provides quantitative, unbiased results that organizations can trust when choosing an EPP solution.
Third-Party Validation of EPP Solutions
For the second year in a row, BlackBerry engaged Tolly Group to test CylanceENDPOINT against numerous competitors and the results were both stark and informative.
The objective was simple - to provide organizations with independent, third-party validation on how well each tested EPP protects against today's threats and whether the EPP is a significant drag on system performance. Tolly Group tested the latest version of CylanceENDPOINT along with endpoint protection platforms from Microsoft, SentinelOne, BitDefender and another leading vendor.
The objectives of this testing were as follows:
- Measure detection rates for malware based on an in-market set of 1,000 publicly sourced malware samples.
- Measure CPU utilization during the scanning of the samples.
The results in the chart below reveal that CylanceENDPOINT is the most effective and efficient endpoint protection platform, delivering the best cyber defense with the lowest impact on system resources.
CylanceENDPOINT has already proven to be a lightweight solution that is cloud-enabled but not cloud-dependent. Compared to traditional signature-based solutions, CylanceENDPOINT can stop attacks earlier in the attack chain to detect and prevent threats before they can fully execute. The lightweight nature of CylanceENDPOINT, without the need to rely on signatures or heuristics, allows organizations to deploy it without significant overhead, and there is minimal perceptible performance impact in most cases.
For this set of tests, the Tolly Group evaluated a selection of vendors that rely on AI/ML models. The results reveal that these models lead to drastically different outcomes and that a mature model, like the Cylance® AI model, is critical.
EPP Efficacy: CylanceENDPOINT vs. Competitors
For EPP efficacy, the Tolly Group analysis found CylanceENDPOINT scored the highest of all tested competitors, based on 1,000 malware samples in a Windows® 10 environment, averaging results from both online and offline testing. In the chart above, the blue bars illustrate this efficacy — so the higher the better.
CylanceENDPOINT blocked an incredible 100% of the attacks which proves that our preemptive, AI-based approach can effectively stop threats, even those that are previously unknown.
Average Malware samples detected:
- 100% — CylanceENDPOINT
- 84% — Microsoft Defender for Business
- 88% — SentinelOne Singularity
- 94% — BitDefender GravityZone Business, Ultra
- 96% — Vendor C, another leading EPP vendor
CylanceENDPOINT stopped up to 25% more malware than competitors. This is a critical difference due to an ongoing surge in unique malware. During the last nine months, BlackBerry threat researchers documented that the rate of novel malware has more than doubled. Our AI-equipped adversaries are iterating faster to launch more unique attacks, and this requires the best AI-powered defenses possible.
CylanceENDPOINT System Impact vs. EPP Competitors
When it comes to performance and resource utilization, the Tolly Group analysis found CylanceENDPOINT uses far fewer system resources than its peers — while delivering superior results. In the chart above, this is reflected in the purple line which shows CPU consumption —an average of online and offline scenarios — during the analysis. The lower the measure against the axis on the right (system impact), the better.
When your security solution is less taxing on resources, it allows systems to focus more on core tasks and in the long-term, can reduce total cost of ownership (TCO).
Average CPU utilization while analyzing 1,000 malware samples:
- 16.2% — CylanceENDPOINT
- 49.2% — Vendor C, another leading EPP vendor
- 51.3% — BitDefender GravityZone Business, Ultra
- 70.4% — SentinelOne Singularity
- 81.7% — Microsoft Defender for Business
CylanceENDPOINT delivers superior results with up to eight times less system impact. This is essential because less available CPU processing power makes a direct impact on the ability of an app to run calculations and provide results. This increases sluggish performance and loading times and potentially leads to freezing or crashing. Mobile users are especially likely to feel these impacts and may struggle to get tasks done while on the move.
Having CPU availability for business-critical work while EPP solutions go about keeping users and data safe is crucial to maintaining a frictionless experience for the user.
EPP False Positive Analysis: CylanceENDPOINT vs. Competitors
Other recent analysis also reveals a considerable difference in the number of false positives between the tested EPP solutions. Several of the solutions had many false positives while CylanceENDPOINT had none. CylanceENDPOINT produced zero false positives over a 7-day period and is consistently at zero, week over week. This lifts a tremendous burden off the backs of the SOC and security team and increases the time available for other necessary tasks.
More about the Endpoint Protection Independent Analysis
The Tolly Group conducted the EPP testing using popular vendor distributions of EPP software running the latest versions, against a set of 1,000 publicly sourced malware samples. The same sample set was used across vendors and tested in both offline and online environments.
One vendor was tested at a time to ensure performance testing was accurate and not influenced by another test running, and all virtual machines were running the same OS version.
These outcomes highlight the value CylanceENDPOINT delivers to customers — best-in-class protection with minimal performance penalties. This testing is further proof we've built the most effective and efficient solution on the market today.
