SE Labs Awards Trellix Endpoint Security AAA and 100% Total Accuracy Ratings, Achieving Perfect Scores

By Deepak Dalvi · August 15, 2023

Organizations rely on endpoint security solutions to detect and stop malware threats. But endpoint security also needs to allow legitimate applications – otherwise productivity grinds to a halt.

Accuracy is critical. That’s why we’re thrilled to announce that SE Labs has awarded Trellix Endpoint Security (ENS) AAA and 100% Total Accuracy ratings in Q2 2023 testing. Trellix ENS achieved a perfect record in both Protection Accuracy and Legitimacy Accuracy. In Protection Accuracy testing – which measured solutions’ ability to detect and block malware – Trellix ENS scored a perfect 400, while Microsoft Defender Antivirus, CrowdStrike Falcon, SentinelOne Singularity, and others scored lower. See the full report here.

Leading protection

SE Labs is an independent testing organization that conducts tests to imitate real-world attacks. They have developed a comprehensive approach to evaluating the effectiveness of security products. To achieve this, they measure various metrics to determine the overall protection accuracy. SE Labs tests publicly available threats and advanced hacking attacks that resemble targeted attacks commonly found in the real world. These threats are introduced realistically through various attack vectors, including email and downloads, to target systems. By using advanced targeted attack scenarios, SE Labs can assess the effectiveness of "next-generation" protection technologies like machine learning and behavioral analytics accurately.

Although many endpoint security vendors boast about the "next-generation" technologies in their endpoint protection, they don’t always deliver outcomes customers are looking for: preventing compromised systems. Customers want an endpoint security solution that “actually works”, delivering reliable protection and minimizing SOC inefficiencies. By having a solution that effectively stops threats and prevents systems from being compromised, IT Sec Ops can reduce their Mean Time to Detection (MTTD) and Mean Time to Response (MTTR). This was clearly demonstrated in SE Labs testing, where the Trellix Endpoint Security solution not only detected all threats but also successfully blocked them, resulting in no systems being compromised.

In the protection details for Protection Accuracy, Trellix excelled by blocking all threats with zero neutralised and zero compromised systems.

While it is better to neutralize a threat rather than allowing it to compromise the system, this is an important nuance that SE Labs presents in their results. A neutralised threat will likely trigger an alert that a SOC analyst must triage and assess what response to take. This can distract from alerts that require immediate attention and have a negative follow-on impact on an organization’s security and risk posture.

Leading accuracy with no false positives

SE Labs conducted another test to assess the effectiveness of endpoint security in terms of false positives. False positives occur when a file is wrongly detected as malicious despite being clean. These can cause costly business disruptions as legitimate applications or URLs may be flagged as malicious. Moreover, false positives burden security teams as they increase the number of alerts sent to the Sec Ops team. When the Sec Ops Team spends valuable time and effort on false positive alerts, it impacts the team's efficiencies and increases their MTTD and MTTR.

Trellix scored a 100% legitimate accuracy rating, demonstrating that top protection does not have to impact business productivity. Legitimate accuracy and false positives are important metrics organizations need to keep track of if they want to improve their SOC effectiveness.

Leading to better outcomes for users and security teams

To summarize, when considering an endpoint solution, it's crucial to take into account both protection accuracy and legitimacy accuracy. Trellix excels in both areas, offering customers peace of mind against complex attacks such as ransomware. This combination of 100% protection accuracy and 100% legitimate accuracy make up the 100% total accuracy ratings that Trellix Endpoint Security received. These results demonstrate how Trellix Endpoint Security helps security teams reduce their metrics for MTTD and MTTR, and allows businesses and users to concentrate on their work without any interruptions caused by threats or false alarms.

For more information please see:

Endpoint Security Product Page:
Trellix Endpoint Security Solution Brief