AVLab: behind the test
AVLab Cybersecurity Foundation is an independent security research organization that operates as a member of the Anti-Malware Testing Standards Organization (AMTSO) and the Microsoft Virus Initiative (MVI). Its mission is to improve cybersecurity transparency through repeatable, realistic evaluations.
The lab’s public methodologies and detailed reports provide a counterpoint to vendor-curated benchmarks. AVLab’s tests use malware sourced from honeypots, threat intelligence feeds, and live campaigns. The goal is to measure real-world resilience, and this objectivity is invaluable for enterprises selecting a security solution.
Inside the November 2025 test
The November edition introduced concrete shifts to reflect a changing environment. AVLab replaced the Firefox browser with Opera for testing. Opera is based on the Chromium engine but retains the native Windows “Save as” dialog.
The lab also began migrating its test environment to Windows 11 25H2 Pro. This gradual transition ensures evaluations remain relevant to current enterprise deployments. Some solutions will complete this migration in early 2026.
The test deployed 244 active malware samples. 214 were delivered via HTTP, 30 through encrypted HTTPS connections. The scope of monitored attack techniques was also expanded, as the test now tracks over 70 confirmed Living off the Land Binaries (LOLBins) and critical registry keys used in real-world campaigns.
Emsisoft Enterprise Security + EDR was tested with its default configuration. The settings included automatic PUP repair, EDR, Rollback functionality, and browser protection. This is a standard deployment for a business environment.
Emsisoft’s November 2025 performance
The recent test results reveal a precise and effective defensive response. Emsisoft blocked every one of the 244 threats. The breakdown shows a focus on early intervention. 85.25% of samples were neutralized pre-execution, stopped at the point of download, or before launch. The remaining 14.75% were caught post-execution by behavioral analysis.
The average time from threat introduction to complete neutralization was 1.752 seconds. The industry average remediation time for this test was 14 seconds.
Emsisoft Endpoint Protection: Award-Winning Security Made Simple
Experience effortless next-gen technology. Start Free TrialConclusion
AVLab’s continuous methodological evolution ensures its tests remain a rigorous proxy for real-world attacks. Passing these tests requires an adaptable, deeply integrated security architecture, not just a static set of signatures. Emsisoft’s performance in the November 2025 evaluation demonstrates precisely this capability. The perfect detection and rapid remediation offer enterprises a verified foundation.