Cortex XDR Earns "AA" Rating on NSS Labs 2020 AEP Test

Feb 25, 2020
3 minutes
... views

This post is also available in: 日本語 (Japanese)

Cortex XDR, by Palo Alto Networks, received an "AA" rating on NSS Labs' 2020 Advanced Endpoint Protection TestWe are excited to announce that NSS Labs, a globally recognized and trusted source for independent cybersecurity guidance, have awarded Cortex XDR a very strong overall “AA” rating in their recent Advanced Endpoint Protection (AEP) test. No vendor in the test received higher than an AA rating.

Prevention of attacks is the ultimate security outcome. While sophisticated adversaries work to find ways around and through defenses, excellent protection is the baseline of an effective security program. We believe that NSS Labs' recent results validate that Cortex XDR delivers best-in-class protection that serves as a foundation for our unique extended detection and response capabilities.

NSS Labs’ Advanced Endpoint Protection Test put leading endpoint security products through 45,000 attack test cases across all tested products including malware, exploits, blended threats, unknown threats, evasions, handcrafted attacks and resistance to tampering. 

The test relied upon tools and methods that are currently being used by cybercriminals. NSS increased the level of difficulty throughout the test, beginning with common attacks, escalating to targeted attacks, and then applying obfuscation techniques to see if they could evade defenses. 

Cortex XDR earned an overall “AA” grade, which included high marks in the following categories: 

  • Manageability. Cortex XDR was praised for its extensive and flexible management console, which is lightweight and easy to deploy while maintaining ongoing operations. NSS Labs also lauded Cortex XDR’s logging, alert handling, and reporting functions -- cornerstones of the incident management capabilities that Cortex XDR is known for.
  • False-positives. When security tools block access to legitimate software and websites, it can be extremely disruptive to business users and processes. NSS Labs mixed legitimate application traffic in with their attack techniques throughout the test. Cortex XDR was able to distinguish between malicious and benign processes with ease, correctly identifying 99.5% of false positives.
  • Resistance to evasion. Just as a real world threat actor would, NSS Labs attempted to disguise their attacks at the point of delivery in order to avoid detection, using techniques such as process injection (where malicious code is injected into a trusted process). Cortex XDR blocked 100% of evasion attempts.This logo shows the capabilities of Cortex XDR, as tested by NSS Labs
  • Drive-by exploits.  Cortex XDR blocked 98.4% of drive-by exploits -- attacks that target user endpoints, causing the user to download malware without intending to. Drive-by exploits use techniques like deceptive pop-up ads and website redirects that trigger the automatic download and execution of malicious code.
  • Malware. Malware is still the most widespread cybersecurity threat to enterprises, with millions of new samples generated every year. Cortex XDR showcased exceptional protection against malware, both delivered via email (blocking/detecting 99.2% of samples) as well as via HTTP (99.3%).

We are proud to share these results, which we believe reinforce our commitment to creating the best security outcomes possible for our customers. The Cortex XDR endpoint agent is just one of the powerful components of Cortex XDR, which stitches together endpoint, network, cloud and third-party security data with machine learning and behavioral analytics to deliver visibility and control.

Download the full Cortex XDR test results from the NSS Labs Advanced Endpoint Protection Test.


Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.