Elastic Outscores Top Competitors for Threat Prevention in AV-Comparatives Endpoint Security Rankings

Elastic, the Search AI Company, announced that Elastic Security earned Certified status in the AV-Comparatives Endpoint Prevention and Response (EPR) Test 2025, delivering 99.3% effectiveness across both Active Response (automated blocking) and Passive Response (detection and alerting).

Elastic Security excelled in 50 targeted attack scenarios, delivering low false positives, zero workflow delays, and a favorable total cost of ownership (TCO) in a five-year enterprise deployment scenario. The AV-Comparatives EPR Test is widely recognized as one of the industry’s most demanding assessments. It replicates multistage attacks, such as those of advanced persistent threats (APTs), across the full attack chain, from initial endpoint compromise through lateral movement, credential theft, and exfiltration. Elastic outscored top competitors CrowdStrike, Palo Alto Networks and Fortinet on threat detection, while offering equal or lower total cost of ownership.

“Our exceptional performance in the AV-Comparatives EPR Test is clear validation of the effectiveness of Elastic Security and our dedication to protecting businesses in this ever-evolving threat landscape,” said Mike Nichols, vice president, Product Management, Security at Elastic. “The fact that we were able to stop over 99% of threats long before they could cause damage or data loss on corporate systems demonstrates why Elastic Security and its open AI- and data-driven approach exceeds the expectations of our users.”

Elastic Security Results in the 2025 EPR Test

AV-Comparatives EPR creates a comprehensive assessment across distinct targeted attack scenarios and compares results with 12 security vendors. Elastic’s results showed strong protection across different attack vectors:

  • Active Response (prevention): Elastic automatically blocked the attack 99.3% of the time.
  • Passive Response (detection): Elastic alerts enriched with MITRE ATT&CK mappings supported faster triage and forensic workflows 99.3% of the time.
  • Operational Accuracy Cost: Elastic’s low-to-minimal false positives reduced analyst overhead.
  • Workflow Delay Cost: Elastic had none – delivering security without productivity trade-offs.

“Elastic achieved strong results in AV-Comparatives’ 2025 Endpoint Prevention and Response Test,” said Andreas Clementi, CEO and founder of AV-Comparatives. “The product demonstrated consistent performance across both Active and Passive Response methods, highlighting its ability to provide reliable protection against a broad range of attack vectors.”

Elastic Security brings together SIEM and endpoint security on an open source platform, powered by Search AI, with a common set of AI-driven capabilities across use cases. This unified, open approach delivers industry-leading detection and prevention as well as fast and efficient response and investigations.
