The independent organization AV-TEST is a specialist in testing and evaluating antivirus and security suite software for Microsoft Windows, MacOS and Android operating systems. The tests and evaluations are based on various criteria.
AV-TEST conducted a comprehensive evaluation of ForeNova NovaCommand Network Detection and Response (NDR) in December 2022. Here the focus was on detecting and responding to malicious activity within a corporate network.
The test consisted of three scenarios, each designed to test the actions of Advanced Persistent Threats (APTs):
Scenario 1:
Database server violation – extracting data from a database
Scenario 2:
Encryption of sensitive data, ransomware - Encryption of data on the target host
Scenario 3:
Cryptojacking, crypto mining malware - using system resources to mine cryptocurrency
During testing, ForeNova NovaCommand effectively tracked and alerted the actions of the simulated threat actors as they moved through the network and performed other malicious activities.
These results underscore the importance of having robust network detection and response capabilities to protect against advanced threats
Overall, NovaCommand provided good coverage of attacker behavior and helps IT staff detect advanced attacks. The test results showed that NovaCommand recognized most of the steps.
In Scenario 1, only the Command and Control and Exfiltration steps were not recognized. All other tactics and techniques were well covered.
In Scenario 2, all steps were recognized.
In Scenario 3, some techniques were missed in the Discovery and Lateral Movement phases, while techniques were discovered in the Initial Access and Command and Control phases.
These results demonstrate that NovaCommand effectively detects and reports on a range of tactics and techniques used by attackers, which can help IT pros identify and respond to potential threats. The full details of the test setup and test scenarios can be found in this review.
source: https://www.av-test.org
