https://www.mrg-effitas.com/wp-content/uploads/2019/02/MRG_Effitas-2018Q4-360.pdf All products tested were business AV versions except for Windows Defender. All tested products were certified at Level 1. Of note, PUA/Adware, Exploit/Fileless, False positive and Performance tests are not part of the certification. So if these categories are of interest, those report sections need to be reviewed in detail.
WD doesn't have an IDS. AV's like Eset and Kaspersky for example identify exploits using CVE designation data. The exploits used in the test were quite old; 2014 and older. Also the exploits were not OS but app related ones. Suspect the exploits WD missed were non-IE11 related; e.g. Adobe Reader. If you go to the wicar.org web site and perform the exploit tests there which are all browser based, IE11 SmartScreen detects them all. In other words, the web sites are blacklisted in SmartScreen. -EDIT- Also to my best knowledge, WD does not employ advanced memory scanning whereas WD ATP does as noted in this Microsoft article: https://cloudblogs.microsoft.com/mi...ith-behavior-monitoring-amsi-and-next-gen-av/ . Of note is a large part of this article is dedicated to WD detection of script based malware via Win 10 AMSI interface; something all the major AV vendors also employ. However, these AV vendors also have advanced memory scanning capability to detect w/o AMSI methods. Finally, AMS has its limitations in that it can only detect malware in memory for which it has existing code or behavior signatures.
