Bitdefender Achieves Highest Score in AV-Comparatives Security Report

Bitdefender Small Business

We’re excited to announce that Bitdefender has been designated as a Strategic Leader in AV-Comparatives’ “Enterprise Prevention and Response CyberRisk Quadrant™” report, achieving the highest overall performance in the test. The test assessed and compared the performance of Bitdefender’s GravityZone Ultra, against 10 other cybersecurity solutions.

This is an incredible accomplishment and recognition of Bitdefender’s position in the endpoint security, endpoint detection and response, and endpoint protection and prevention market. GravityZone Ultra had the highest score possible (100%) for its speed in preventing attacks and earned a 99.5% mark for combined prevention and response capabilities.

The report also found Bitdefender GravityZone Ultra as having the lowest total cost of ownership (TCO) and highest ROI, a key measure of accessibility in the crowded cybersecurity market.

A recent AV comparatives report from last year also showed Bitdefender’s endpoint protection solution having up to 99% effectiveness with no false positives detected.

About AV-Comparatives and the report

The AV-Comparatives report is an independent, third-party reporting and testing organization that systematically checks and tests security software and solutions. We believe these kinds of third-party tests are critical for informing consumers and helping them make decisions on what tools they can trust while offering insight on how effective tools and platforms are in environments, helping potential customers cut through marketing and get an understanding of what they can expect from a solution.


The Endpoint Prevention and Response test provides a robust real life application of various EDR, EPR, and EPP solutions, anonymizing the vendors to remove any element of bias, while providing real life setups and applications of both the solutions and the environment. The test tests 10 different cybersecurity solutions across 50 separate targeted attack scenarios that covers a variety of different techniques.

This test measured a software’s ability to detect the threat, block the threat, the response to the threat, and how quickly the solution allowed a remediation option to be deployed. In its testing, AV-Comparatives aimed to replicate real-world set-ups in order to better assess how effective a solution may be, making the results more trustworthy and providing better expectations of a solution’s performance.

The most likely used setups and applications of the products were tested, in a real-world environment where attacks moved laterally and progressed across more severe forms of compromise, from endpoint compromise and foothold, to internal propagation, and asset breach.

This comprehensive and layered approach to testing is why the report marks this an “endpoint prevention and response” test. Because it’s testing scenarios customers are most likely to face, knowing how a solution acts at each phase of a compromise (prevention, detection, and response), it’s able to understand which solutions provide the best comprehensive endpoint security.

Measuring false positives, ROI, and TCO

A key aspect of this report is its measure of false positives, an assumed ROI, and the total cost of ownership (TCO). This calculation takes in a solution’s product cost, accuracy costs, intelligence costs, and calculates TCO based on the cost of an assumed breach and the money saved by breach prevention.

The test also tests the presence of false positives among solutions. This is an important characteristic of solutions because if a solution flags too many false positives, it’s creating more noise and work for your security department and team, resulting in accuracy costs, resource costs, and intelligence costs.

The presence of false positives shouldn’t be overlooked. A solution that flags too many false positives can result in:

  • An overworked team- If a team is spending too much time on false positives, they now have less time to focus on actual threats and alerts.
  • Risk of a missed threat- If a team is inundated with noise and false positives, they may miss or ignore a key alert, which can be disastrous for an organization.
  • A less productive department – Ultimately, the presence of false positives affects effectiveness, which may require the need of more staff and solutions.

These measures, alongside calculations of a product’s costs, an average data breach, and the saving from breach prevention is taken to provide a solution’s ROI and total cost of ownership. Effective security solutions shouldn’t just be considered tools that work like insurance, they should be providing a tangible benefit and ROI to a company.

How Bitdefender’s GravityZone Ultra fared

While the report measured a number of different outputs and behaviors across a number of breach and compromise scenarios, we wanted to highlight key findings.

Bitdefender was designated the Strategic Leader in the EPR CyberRisk Quadrant, receiving the highest mark compared to the other solutions for its Active Response (99%), Passive Response (100%), and Combined Prevention/Response Capabilities (99.5%).

The solution also had the lowest 5-year TCO per agent due to having measurable operational accuracy savings and having no measured false positives in all testing scenarios.

Lastly, Bitdefender was just one of two solutions that achieved a 100% score when looking at the cumulative active response across all phases of testing.


About GravityZone Ultra

GravityZone Ultra is Bitdefender’s comprehensive endpoint security solution that combines EPP and EDR efforts, offering support and security across the kill chain.

The cloud-based solution provides prevention support, detection, automatic response, and investigative capabilities, helping customers protect their assets where they’re most vulnerable. In order to improve efficiency and overall productivity, GravityZone Ultra aims to reduce the operational cost of traditional EDR solutions without compromising on accurate detection and response capabilities.

The solution also works to reduce noise and redundant information so users can focus on alerts that actually matter, while offering automated response options that will give back time to your team. Through this single solution, you can restore endpoints to pre-compromised states, learn from historical, and incoming data, enable security controls, and minimize your overall exposure.   


We’re incredibly proud of the report and test results and are excited that our solution, the result of hard work across a number of departments, and cybersecurity experts, is battle-tested and outperforms its closest competitors.

If you’d like to try out GravityZone Ultra for yourself, get your free trial here.