{"id":122745,"date":"2020-12-18T15:30:48","date_gmt":"2020-12-18T23:30:48","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=122745"},"modified":"2020-12-18T14:56:08","modified_gmt":"2020-12-18T22:56:08","slug":"cortex-av-comparatives-epr-evaluation","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2020\/12\/cortex-av-comparatives-epr-evaluation\/","title":{"rendered":"Cortex XDR Named a Strategic Leader in AV-Comparatives EPR Evaluation"},"content":{"rendered":"

\"AV-ComparativesWe are thrilled to have AV-Comparatives, a globally recognized independent testing organization, name <\/span>Palo Alto Networks Cortex XDR a \u201cStrategic Leader\u201d in its latest Endpoint Prevention and Response (EPR)<\/span><\/a> evaluation. Cortex XDR achieved a combined prevention and response capabilities score of 99%, a mark no other vendor surpassed in the evaluation. In addition to phenomenal security effectiveness results, Cortex XDR had one of the lowest Total Cost of Ownership (TCO) scores, despite uniquely providing an Extended Detection and Response (XDR) solution that goes <\/span>beyond <\/span>traditional EDR<\/span><\/a> to provide complete threat detection and response across endpoint, network, cloud and identity data sources.<\/span><\/p>\n

 <\/p>\n

EPR CyberRisk Quadrant<\/h2>\n
\"This<\/span><\/div>
Figure 1. Dot size reflects the product cost. The larger the dot, the higher the cost.<\/figcaption><\/figure>\n
\"This<\/span><\/div>
Figure 2. Cortex XDR, 99% Active Response & 100% Passive Response with a very low TCO.<\/figcaption><\/figure>\n

The Endpoint Prevention and Response evaluation is a brand new security test introduced by AV-Comparatives this year. While most endpoint security tests focus on either prevention or detection, the new EPR test offers a uniquely holistic evaluation accounting for a solution\u2019s prevention, detection and response capabilities to ensure security teams have a complete toolset to deal with even the most sophisticated attacks.<\/p>\n

 <\/p>\n

Cortex XDR EPR EPR Highlights<\/h2>\n

\"The<\/span><\/div><\/strong><\/p>\n

All attacks in the evaluation were composed of three separate phases: Phase 1 \u2013 Endpoint Compromise and Foothold; Phase 2 \u2013 Internal Propagation; and Phase 3 \u2013 Asset Breach. At each stage, the test determined whether the solution detected the attack and what action was taken. When a solution took automated action to block the threat, it was awarded an \u201cactive response\u201d score. If the product provided a detection alert that an analyst could use to stop the attack, it received a \u201cpassive response\u201d score. Palo Alto Networks Cortex XDR was awarded an \u201cActive Response\u201d score on 48 of the 49 attacks and a \u201cPassive Response\u201d in the initial phase for the one remaining attack. Overall, as pointed out by AV-Comparatives, Cortex XDR \u201cdid exceptionally well at handling threats \u2026 in particular before the threat progresses inside the user environment.\u201d<\/p>\n

When dealing with sophisticated adversaries and targeted attacks, the speed with which a security solution can prevent and\/or detect and respond to an attack is critical. Any malicious activity that is not blocked outright must be detected and alerted quickly to allow the security operations staff to respond and shut down the activity before the attack can progress. As seen in the tables below, all of the preventions and detections provided by Cortex XDR occurred without any observed delay, ensuring that there was no opportunity to progress the attacks in the user environment.<\/p>\n

 <\/p>\n

Reduction in Time to Respond (TTR)<\/h2>\n

\"The<\/span><\/div><\/p>\n

 <\/p>\n

Reduction in Time to Prevent (TTP)<\/h2>\n

\"The<\/span><\/div><\/p>\n

In addition to achieving fantastic scores for prevention, detection and response, Cortex XDR achieved a very low TCO in the evaluation. TCO was calculated as a combination of the cost to purchase the product, the estimated breach cost (based on speed of prevention\/detection) and the operational accuracy cost \u2013 a measure of false positives (of which we had none).<\/p>\n

\"The<\/span><\/div><\/p>\n

We are proud of the results of this new evaluation, which showcase the powerful endpoint protection, detection and response capabilities that Cortex XDR delivers in a single agent. The capabilities of Cortex XDR extend beyond even the robust testing methodology of this evaluation, delivering superior visibility and analytics by combining Extended Detection and Response (EDR) features with User Behavior Analytics and Network Traffic Analysis based on telemetry ingestion from endpoint, network, cloud and identity data sources.<\/p>\n

\"The<\/p>\n

 <\/p>\n

We were extremely pleased with the new test methodology introduced by AV-Comparatives and appreciate the thorough nature of the evaluation going beyond prevention to include detection and response. We are proud to share these results with you to demonstrate our commitment to providing comprehensive and effective endpoint security.<\/p>\n

Download the AV-Comparatives EPR Comparative test results<\/a> to see how we stack up against the competition, and the detailed report on Palo Alto Networks Cortex XDR results<\/a> for the evaluation.<\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Cortex XDR achieved a combined prevention and response capabilities score of 99%, unsurpassed by any vendor, in the AV-Comparatives EPR evaluation.<\/p>\n","protected":false},"author":645,"featured_media":112812,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[308],"tags":[2952,6737,4156],"coauthors":[6788],"class_list":["post-122745","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-announcement","tag-av-comparatives","tag-cortex-xdr","tag-third-party-testing","sec_ops_category-must-read-articles"],"jetpack_featured_media_url":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-content\/uploads\/2020\/06\/Hunter.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/122745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/645"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=122745"}],"version-history":[{"count":5,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/122745\/revisions"}],"predecessor-version":[{"id":122883,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/122745\/revisions\/122883"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/112812"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=122745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=122745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=122745"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=122745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}