AV-Comparatives validates the real-world threat detection of leading EDR, XDR, and MDR tools in its 2025 certification, setting a benchmark in cybersecurity.
In its 2025 certification tests, AV-Comparatives recognizes five cybersecurity platforms for successfully detecting advanced persistent threats in real-world conditions. Image: AVC
INNSBRUCK, Austria, June 15, 2025:
AV-Comparatives has announced the results of its 2025 certification testing for Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and Managed Detection and Response (MDR) solutions. The respected Innsbruck-based testing lab evaluated cybersecurity tools under complex real-world attack scenarios, aiming to validate their ability to detect and log sophisticated threats, rather than simply block them.
Andreas Clementi, founder and CEO of AV-Comparatives, emphasized the significance of the effort, stating that in today’s rapidly evolving cyber environment, detection cannot be reduced to a checklist item. The goal of the 2025 EDR/XDR Certification, he noted, is to equip Chief Information Security Officers (CISOs) with trusted data on how well cybersecurity products can uncover stealthy, real-world threats.
Unlike preventive-focused tests, this evaluation prioritized detection accuracy, threat visibility, and telemetry quality. All tested products were run in monitoring mode only, with prevention functions disabled, to simulate real-world attack chains based on frameworks like MITRE ATT&CK. Each phase of the simulated intrusion was scrutinized to assess whether the tools provided accurate alerts, useful telemetry, and clear visibility into attacker behavior.
Of the seven participating cybersecurity vendors, five achieved certification for their outstanding performance. These included major industry names such as CrowdStrike Falcon Pro, ESET PROTECT Enterprise Cloud, G DATA 365 MXDR, Kaspersky Next EDR Expert (in a pilot assessment), and Palo Alto Networks Cortex XDR Pro. Notably, this year marked the first time a managed solution—G DATA’s MDR offering—was tested under the same rigorous methodology as traditional EDR and XDR products, demonstrating that even managed services can deliver high-quality detection in simulated threat conditions.
The testing simulated advanced persistent threats and complex attack scenarios, requiring participants to demonstrate not just automated alerting but also effective threat hunting capabilities. Certification was granted only to products that met the detection threshold, reinforcing AV-Comparatives’ commitment to transparency and practical security validation.
Improvements in the 2025 methodology, based on analyst and industry feedback, brought enhanced scoring systems and deeper telemetry validation. Further refinements are planned for the 2026 round, ensuring the ongoing evolution of testing standards in alignment with emerging threats and technology trends.
The AV-Comparatives EDR Detection Validation Test remains open to all EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. Certification offers both recognition and a valuable technical benchmark for vendors and enterprise customers seeking confidence in their cybersecurity investments.
Detailed results and additional information are available at the AV-Comparatives website, where industry professionals can also access data on dozens of other major cybersecurity providers.