 |
Independent evaluation delivers unambiguous results on detection coverage, telemetry quality, and SOC usability across leading EDR, XDR, and MDR products
INNSBRUCK, Austria, May 13, 2026 /PRNewswire/ — AV-Comparatives today published the results of its 2026 EDR Detection Validation Test. Nine enterprise solutions achieved certification in one of the most in-depth independent evaluations of detection capabilities currently available to the market.
Ai interpretation of a modern SOC in a dark setting with multiple analysts.
The test was designed to answer a question that matters increasingly to enterprise buyers: not whether a product detects an attack, but how clearly, consistently, and usefully it does so. The 2026 results provide that answer in a form that leaves no room for interpretation.
Clear results for analysts, administrators, and decision-makers
Forensic analysts, SOC administrators, and enterprise decision-makers face a common challenge: detection data is often abundant, but rarely clear. AV-Comparatives’ methodology addresses this directly. Every step of a realistic 14-stage Advanced Persistent Threat scenario is evaluated individually, with explicit distinction between Active Response (immediate alerts) and Telemetry (visibility requiring investigation). The outcome is a transparent, step-by-step view of what each product sees, how it presents that information, and what effort is required to reconstruct an attack chain.
There is no cherry-picking and no interpretation gap. Products are evaluated in detection-only mode to ensure prevention mechanisms do not distort the picture, and dedicated Signal-to-Noise scenarios assess behaviour during benign administrative activity. The result is a benchmark that mirrors operational reality in the SOC, where both missed signals and excessive noise carry real cost.
Certified products
The following nine solutions achieved certification in the 2026 test round: Bitdefender GravityZone Business Security Enterprise, ESET PROTECT Elite, Fortinet FortiEDR, G DATA 365 | MXDR, Genian Insight E, Kaspersky EDR Expert (on-premises), ManageEngine Endpoint Central with EDR, Palo Alto Networks Cortex XDR Pro, and Sangfor Athena AI-Native EPP.
Only certified products are publicly listed. Non-certified vendors receive detailed feedback to support further development.
AI: from stronger protection to more efficient SOCs
AI has been part of the vendor arsenal for years, quietly strengthening protection layers across the industry. The 2026 evaluation makes clear that its role is now expanding: AI is increasingly used to summarize detection results, improve their readability, and streamline analyst workflows. The direction of travel is unmistakable – from boosting protection to making SOCs measurably more efficient. For administrators and forensic experts working under constant pressure, that shift is as welcome as it is overdue.
Availability
The full test report is available at: https://www.av-comparatives.org/edr-detection-validation-certification-test-2026/
The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities.
About AV-Comparatives
AV-Comparatives is the leading independent cybersecurity testing organization, evaluating security solutions that have evolved far beyond traditional antivirus software. Our systematic testing assesses modern endpoint protection, threat detection, and mobile security across PC, Mac, Android, and IoT devices. Using one of the world’s most relevant and sophisticated threat collections, we create real-world testing environments for comprehensive evaluation. Test results are freely accessible worldwide, and AV-Comparatives certification provides a globally recognized seal of approval for proven cybersecurity performance.