Sangfor Endpoint Secure Achieves 100% Ransomware Protection
Sangfor is excited to announce that Sangfor Endpoint Secure achieved 100% ransomware protection in the Advanced Threat Detection Test conducted by AV-Test, one of the world's leading independent test institutes for IT security products.
In the Advanced Threat Detection Test, Sangfor Endpoint Secure scored a maximum of 40 points and was awarded the “Advanced Approved Endpoint Protection” certificate. The latest AV-Test certification follows on from the AV-Test “TOP PRODUCT” award received in recognition of Endpoint Secure’s 100% protection against hundreds of 0-day attacks and thousands of newly-discovered malware.
RaaS Heightens the Urgency for Ransomware Protection
The Advanced Threat Detection Test report by AV-Test notes that Ransomware-as-a-Service (RaaS) is gaining traction, a trend also reported in Sangfor’s Global Ransomware Trends Report. RaaS is essentially a ransomware-for-hire model that allows non-specialists to take part in ransomware attacks. Sangfor has data proving this criminal business model has contributed to an increase in recent ransomware attacks and likely more in the future. It is imperative for organizations to adopt robust ransomware protection to safeguard their business.
The Advanced Threat Detection Test from AV-Test provides organizations with objective and authoritative research into the effectiveness of ransomware protection software on the market.
Advanced Threat Detection Test by AV-Test
The Test
The Advanced Threat Detection Test evaluated 34 endpoint security products from market-leading vendors, including Microsoft, McAfee, Trend Micro, and Sangfor. The 34 products were further divided into 17 consumer solutions and 17 corporate solutions.
The Test Scenarios
Each security product was tested against 10 realistic ransomware attack scenarios on Windows operating systems. One attack involves a spear phishing email with a zip attachment that contains an executable file. The file launches immediately upon unzipping, and the ransomware starts to encrypt the system using a series of steps called a kill chain. AV-Test mapped each kill chain step of the ransomware attacks to the MITRE ATT&CK Framework (see Figure 1 for an example).
Figure 1. Ransomware Scenario 01 in the Advanced Threat Detection Test, Courtesy of AV-Test
The Scoring Criteria
According to AV-Test, an attack is considered thwarted if the security product detects and stops ransomware in one of the first two steps (Initial Access or Execution). Four points are awarded for complete ransomware detection and defense, meaning a maximum of 40 points for 10 scenarios. Points are deducted for non-detection, partial detection (ransomware manages to encrypt files), or if the ransomware threat remains on the system.
AV-Test color-coded the attack steps to help readers quickly evaluate the performance of security products in each scenario (see Figures 2-3 for examples):
- Green (detected and attack stopped)
- Yellow (detected but not completely blocked)
- Orange (no detection)
Figure 2. Sangfor Endpoint Secure’s performance in Scenarios 01-06
Figure 3. Sangfor Endpoint Secure’s performance in Scenarios 07-10
The Test Results
Out of the 17 consumer solutions, 12 products were awarded the maximum 40 points.
Out of the 17 corporate solutions, 12 products were awarded the maximum 40 points, including Sangfor Endpoint Secure, proving that Sangfor Endpoint Secure is one of the best ransomware protection solutions on the market.
To learn more about the Advanced Threat Detection Test, visit the official AV-Test website to read the test report in its entirety.
Ransomware Protection with Sangfor Solutions
Sangfor Endpoint Secure is a powerful Endpoint Detection and Response (EDR) solution that goes beyond traditional anti-malware and antivirus software. Sangfor Endpoint Secure leverages Sangfor’s proprietary Engine Zero AI malware detection engine and Neural-X threat intelligence platform to deliver unrivaled malware protection for endpoints.
Sangfor Endpoint Secure is built with innovative anti-ransomware tools, including the world’s first and only endpoint ransomware honeypot, which quickly detects and kills the ransomware encryption process, minimizing any damage to the system. The encryption controlling application is also identified and then located on other infected systems allowing “One-Click Kill” to eradicate the detected ransomware throughout the organization with just a single mouse click.
Sangfor NGAF - Next Generation Firewall (NGFW), Sangfor IAG, Sangfor Cyber Command, and Sangfor Endpoint Secure integrate together as part of Sangfor’s Anti-Ransomware solution. With security deployed at the perimeter, endpoint, and network, Sangfor’s Anti-Ransomware is a holistic solution that breaks every step of the ransomware kill chain. Sangfor Anti-Ransomware is a modular solution that can be tailored to meet the ransomware protection requirements of any organization.
Visit the Sangfor Anti-Ransomware webpage to find out how Sangfor keeps customers safe from ransomware infection.
To learn more about ransomware attacks and how they work, read our glossary article that gives you a good overview of ransomware attacks.
Figure 4. Sangfor Anti-Ransomware Solution
About Sangfor Technologies
Sangfor Technologies is an APAC-based, leading global vendor specializing in Cyber Security, Cloud Computing, and IT Infrastructure. Founded in 2000 and publicly listed since 2018 (STOCK CODE: 300454.SZ), Sangfor employs 9,500 employees, operates 60 offices, and serves more than 100,000 customers worldwide, many of them Fortune Global 500 companies, governmental institutions, universities, and schools. Visit us at www.sangfor.com to learn more about Sangfor’s solutions and let Sangfor make Your Digital Transformation Simpler and Secure.