17 July 2024  —  Acronis

Acronis Cyber Protect Cloud excels in AV-TEST EDR evaluation

Acronis
Acronis Cyber Protect Cloud
for Service Providers

In January 2024, reputable German testing institution AV-TEST conducted an exhaustive evaluation of Acronis Cyber Protect Cloud with Advanced Security + EDR. AV-TEST's methodology for evaluating EDR solutions is meticulous and grounded in real-world scenarios. Their approach includes creating realistic threat simulations, assessing detailed coverage of various tactics and techniques, and evaluating the quality of detection. By simulating attacks based on known threat actor behaviors, AV-TEST ensures that their evaluations provide a comprehensive measure of an EDR solution's capabilities.

Acronis

We are proud to report that AV TEST certified Acronis Cyber Protect Cloud with Advanced Security + EDR as an approved and advanced endpoint detection and response product for Windows after showing outstanding results in both test scenarios.

Sophisticated threat scenarios

One of the key scenarios tested by AV-TEST was designed to emulate the sophisticated tactics of APT18, a group known for cyber espionage. This scenario involved a spear-phishing campaign that delivered a malicious Word document with an embedded macro, launching an agent that connected to a command-and-control server. The test also included the establishment of a command-and-control channel using HTTP requests to simulate external attacker communications, the use of PowerShell scripts to gather system information, and the exploitation of service accounts to move across the network.

Acronis Cyber Protect Cloud with Advanced Security + EDR demonstrated exceptional detection capabilities in this scenario. The solution successfully identified all techniques across the various stages of the attack, providing detailed and actionable insights. This underscores Acronis' robust monitoring and detection technologies, which are crucial for thwarting sophisticated cyberthreats.

Another significant scenario tested the system against a blend of tactics used by groups like TA577, Turla and FIN6. This scenario started with a phishing email that delivered a malicious document and progressed through credential access, network discovery, privilege escalation, lateral movement and data exfiltration.

Despite the complexity and diversity of the threats, Acronis Cyber Protect Cloud with Advanced Security + EDR exhibited commendable coverage. The system detected all key techniques used in this scenario, demonstrating its adaptability and effectiveness against a spectrum of cyberthreats.

Excellent results prove Acronis EDR’s effectiveness

The results of these evaluations highlight the strengths of Acronis Cyber Protect Cloud with Advanced Security + EDR (and XDR, which includes EDR). Its high detection rates, detailed insights and comprehensive coverage against sophisticated and diverse cyberthreats are clear indicators of its effectiveness and reliability. Acronis has shown that its solution can adapt to different threat behaviors, providing robust protection and actionable insights that help organizations stay ahead of cyberthreats.

Acronis Cyber Protect Cloud with Advanced Security + EDR has proven itself to be a formidable EDR solution through AV-TEST's rigorous evaluation. By achieving the prestigious AV-TEST Approved Endpoint Detection and Response Certification, Acronis stands out as a top-tier solution in the realm of cybersecurity. This certification is a testament to the product's ability to provide high levels of security, making it a reliable choice for organizations looking to bolster their defenses against evolving digital threats.

AV-test specialists emphasized: “What differentiates Acronis EDR from other solutions is that it offers expanded automatic remediation options like file or image recovery, or even disaster recovery due to being a natively integrated solution.”

Read full report

About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.