SE Labs tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective.
Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test.
The results indicate how effective the products were at detecting and/or protecting against those threats in real time.
Strong protection in uncertain times
A hacker mentality is keeping (computer) virus testing on track
This is the first in our series of 2020 endpoint protection reports. And it is unique, for all the usual reasons but also a new one.
We would normally highlight the latest new threats that we’ve discovered on the internet and discuss how we test them against the security software you use in your business and at home in the most realistic ways possible. And we’ve done that. But these reports are different to any we’ve produced before, for another reason.
We started testing shortly after the first signs of the COVID-19 virus were reported in China. By the time we were halfway through the work, London and the rest of the UK were in lockdown. So were large parts of Europe and, towards the end, the United States of America.
The way we test involves a large team interacting directly with computer hardware, as well as software. Remote working was something we had discounted for years. As the crisis unfolded we tried to keep our staff as far from each other as possible, although still in the office. But as the seriousness of the situation grew, and despite the fact that we could have continued working in the office legally, we put our own people’s wellbeing first and decided to close down the lab.
We thought our deadlines might slip; our clients would miss out on the help we provide in improving their products; and you would not receive the latest updates on the state of endpoint protection against the latest threats.
It is a testament to the tenacity, imagination and technical skill of the team that we managed to find a solution that allowed testing to continue in the lab, with the vast majority of the team working from home. This represents a true hacker mentality, in which unconventional approaches to problem solving win the day, and the whole team should be applauded for their efforts.
The good news coming from this timely (and on-time!) research is that the cohort of companies that engaged with our testing are clearly performing strongly despite the technical challenges they are also no doubt facing in these troubling times. We’ve never seen such a strong showing from endpoint protection products in the enterprise, small business and home user markets.
If you spot a detail in this report that you don’t understand, or would like to discuss, please contact us via our Twitter or Facebook accounts. SE Labs uses current threat intelligence to make our tests as realistic as possible. To learn more about how we test, how we define ‘threat intelligence’ and how we use it to improve our tests, please visit our website and follow us on Twitter.
This test report was funded by post-test consultation services provided by SE Labs to security vendors. Vendors of all products included in this report were able to request early access to results and the ability to dispute details for free. SE Labs has submitted the testing process behind this report for compliance with the AMTSO Testing Protocol Standard v1.3. To verify its compliance please check the AMTSO reference link at the bottom of page three of this report or here.