Objective Information for Informed Decisions
Public Testing
Test Date: May, 2020
AV-Comparatives
AV-Comparatives is an independent organization offering systematic testing for security software. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. VMware Carbon Black is a new entrant to AV-Comparatives testing and very proud to have received a 100% on malware, and 99.8% on the real-world protection tests, during the initial testing period (March-April 2020), and scoring better than most of our direct competitors.

Test Date: April, 2020
MITRE
VMware Carbon Black is proud to be a two-time participant in the MITRE ATT&CK EDR evaluation. This test is built to exercise how well an EDR tool supplies its operators with the visibility and features they need to detect threats. Unlike other tests that measure automated prevention, this test reflects how threat hunters operate in the real world, pitting skilled professionals against a common set of threats.

Test Date: June, 2020
AV-Test
Although primarily malware focused, we believe participation in AV-Test is important because it provides a well-rounded sample and includes a robust false-positive test that paints a realistic picture of what running AV is like in production. Carbon Black has consistently achieved 100% blocking rate of prevalent malware set and 100% detection rate of all attacks in these tests.

Test Date: June-July, 2018
OPSWAT
The OPSWAT program abides by all industry standards and procedures, making the badge an industry-wide stamp of approval. This certification verifies that endpoint security products are supported by the OESIS Framework and therefore compatible with the many solutions that employ OESIS. It is for these reasons that we believe this program is an important one, which we are committed to participating in.

Test Date: June, 2018
ICSA Labs
As a security vendor, it’s important to regularly check how your product is performing in the market. For this reason, Carbon Black participates in the monthly ICSA Labs Anti-Malware test, where our product is evaluated against the most current known malware. We’ve consistently received a 100% prevention rating, validating that our detection capabilities.

Not all tests are built the same.
When evaluating third-party test results, watch out for:
- Vendors who only participate in sponsored testing, where they control the test
- Vendors who opt out of rigorous prevention tests such as NSS Labs AEP
- Vendors who don’t adopt diversity in their testing strategy
- Tests that only exercise a limited portion of the attacker techniques across the entire killchain
Membership
AMTSO
Anti-malware testing isn’t easy, and it can be biased or easily rigged. AMTSO’s charter has been set to address the global need for improvement in the objectivity, quality, and relevance of anti-malware testing methodologies. We believe in AMTSO’s mission of defining a set of standards that all vendors and testers should adhere to, so that we can have truly unbiased, objective independent testing.

Product Attestations
Coalfire Report: Endpoint Standard PCI DSS Attestation
Coalfire Systems, a respected QSA company, found that VMware Carbon Black Endpoint Standard, passed AV-efficacy and directly meets the PCI DSS anti-malware security control requirement.
Coalfire Report: App Control PCI DSS Attestation
App Control provides coverage across eight of the 12 requirements of the PCI DSS and supports critical security goals.
HIPAA Compliance Attestation
Coalfire Systems, Inc. describes how the VMware Carbon Black Cloud and Workspace ONE platforms can help organizations comply with the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, based on the sample testing and evidence gathered during Coalfire’s assessment.