AV-Comparatives Validates EDR/XDR Detection Capabilities in 2025 Certification Tests

Introduction


As cyberattacks become increasingly sophisticated, the need for effective threat detection is more crucial than ever. At AV-Comparatives, the recently announced 2025 EDR/XDR certification tests aim to provide comprehensive evaluations of cybersecurity solutions in real-world threat scenarios. The objective of this initiative is to support Chief Information Security Officers (CISOs) in determining how well their tools can uncover hidden threats across varied attack vectors.

The Importance of EDR/XDR Certification


"Detection cannot merely be a checkbox; it must reflect the real capabilities of the security tools," states Andreas Clementi, CEO and founder of AV-Comparatives. The 2025 certification tests are intended to evaluate the precision and transparency of threat identification and reporting in enterprise cybersecurity solutions. This independent assessment focuses on how these solutions perform against advanced threats, enabling organizations to enhance their defenses in a landscape fraught with risks.

Test Methodology


Unlike previous tests such as the EPR, which centered on prevention, the EDR test assesses how well products detect and document every phase of an intrusion under complex attack scenarios. All products were evaluated solely in monitoring mode, meaning that protection features were disabled during testing. The framework for the evaluation involved simulating Advanced Persistent Threats (APTs) utilizing known Tactics, Techniques, and Procedures (TTPs) from models like MITRE ATT&CK.

Key Highlights of Testing

  • Execution of intricate attack chains to gauge detection capabilities.
  • Validation of detection through alerts in management consoles or via manual threat hunting in telemetry.
  • A transparent certification model allowing only products meeting a defined evidence threshold to be certified and publicly listed.

Outcomes and Findings


So far, five out of seven solutions have successfully achieved certification under this rigorous testing methodology. The certified products include:
1. CrowdStrike Falcon Pro
2. ESET PROTECT Enterprise Cloud
3. G DATA 365 MXDR (MDR Solution)
4. Kaspersky Next EDR Expert (In Pilot Testing)
5. Palo Alto Networks Cortex XDR Pro

G DATA's involvement demonstrated that even managed detection and response (MDR) solutions can undergo reliable assessments in realistic, controlled attack conditions.

Future Improvements


The feedback garnered from independent analysts has contributed to enhancing transparency, ratings, and in-depth validation of telemetry during the 2025 tests. As AV-Comparatives moves forward, further enhancements are planned for the certification assessments in 2026.

Invitation to Participate


The EDR Detection Validation Test is open to EPP, EDR, XDR, and MDR vendors seeking independent validation of their detection capabilities. By obtaining certification through AV-Comparatives, providers gain industry recognition and insights into the real-world performance of their solutions. Interested parties are encouraged to contact AV-Comparatives to partake in the next testing cycle.

Conclusion


With cyber threats continuing to evolve, businesses must prioritize effective detection mechanisms. The 2025 EDR/XDR certification by AV-Comparatives serves as a pivotal tool for organizations aiming to strengthen their cybersecurity frameworks. For more information on the certification tests and results, visit AV-Comparatives.
