AV-Comparatives Validates Real-World Threat Detection in 2025 EDR XDR MDR Certification Testing

INNSBRUCK, Austria, June 15, 2025 /PRNewswire/ — “As cyberattacks evolve, detection can’t be a checkbox. Our 2025 EDR/XDR Certification helps CISOs assess how effectively their tools uncover stealthy, real-world threats.”– Andreas Clementi, ceo and founder, AV-Comparatives

This independent evaluation tested enterprise cybersecurity solutions under advanced threat scenarios. The goal: to assess their ability to detect and report real-world attacks with precision and visibility.

Read the full test here: https://www.av-comparatives.org/news/edr-detection-validation-2025/

Unlike, e.g. the EPR Test, which focuses on prevention, the EDR test simulates complex attack scenarios to assess how well a product detects and logs each stage of an intrusion, providing insights into its visibility, telemetry quality, and threat detection precision. Threat visibility based on threat hunting capabilities is also considered.

AV-Comparatives is pleased to announce that five out of seven solutions have achieved certification so far under our transparent and rigorous methodology.

Certified Products – EDR, XDR and MDR Solutions

The following products earned certification in the 2025 test round

• CrowdStrike Falcon Pro
• ESET PROTECT Enterprise Cloud
• G DATA 365 MXDR (MDR solution)
• Kaspersky Next EDR Expert (in the pilot test)
• Palo Alto Networks Cortex XDR Pro

One Methodology for EDR, XDR and MDR

While initially designed to evaluate EDR and XDR capabilities, the test can equally be applied to MDR (Managed Detection and Response) offerings. In this round, G DATA successfully participated with their MDR solution, demonstrating that even managed offerings can be assessed under realistic, controlled attack conditions.

A Focus on Real-World Visibility

This evaluation simulates Advanced Persistent Threat (APT) attacks, using known Tactics, Techniques, and Procedures (TTPs) from frameworks such as MITRE ATT&CK. All products were tested in monitoring mode only, meaning prevention features were disabled. The goal: to measure how well threats are detected and reported, not blocked.

Highlights of the methodology:

• Execution of complex attack chains
• Validation of detections via alerts in the management console or through manual threat hunting in telemetry
• Transparent certification model: only products meeting the detection threshold are certified and publicly listed
• Methodological Improvements and the Road Ahead

The 2025 test incorporated feedback from independent analysts, resulting in greater transparency, enhanced scoring, and deeper telemetry validation. Further enhancements are planned for the 2026 certification test.

The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. Certification offers vendors industry recognition and deep technical insight into their solution’s real-world performance.

Contact us to participate in the next test cycle. https://www.av-comparatives.org/contact/

Cybersecurity and Antivirus Test Results are available at https://www.av-comparatives.org  or the following vendors:

Avast, AVG, Avira, Bitdefender, Checkpoint, Cisco, CrowdStrike, Elastic, Fortinet, F-Secure, ESET, G DATA, Gen Digital. Google, Intego, K7 Computing, Kaspersky, Malwarebytes, ManageEngine, McAfee, Microsoft, NetSecurity, Nordsec, Norton, Palo Alto Networks, Rapid7, SenseOn, Sophos, Total Defense, TotalAV, Trellix, TrendMicro, VIPRE, WithSecure and many more

Contakt: Peter Stelzhammer, media@av-comparatives.org, +43512287788

Photo – https://mma.prnewswire.com/media/2711149/AV_Comparatives.jpg
Logo – https://mma.prnewswire.com/media/2608678/5370632/AV_Comparatives_Logo.jpg

View original content:https://www.prnewswire.co.uk/news-releases/av-comparatives-validates-real-world-threat-detection-in-2025-edr-xdr-mdr-certification-testing-302481817.html