Vendor Product Effectiveness Ranged from 2.95% to 100%
CyberRatings.org (CyberRatings), the non-profit organization dedicated to providing insight into the capabilities of cybersecurity products and services through independent testing, today announced the comparative results of its latest Security Service Edge (SSE) evaluation. The findings expose a striking disparity in product performance: Security Effectiveness ranged from 2.95%to100%, underscoring just how uneven SSE protection remains across vendors.
https://mma.prnewswire.com/media/1471467/CyberRatings_Logo_New.jpg
The disparity in product performance underscores just how uneven SSE protection remains across vendors.
OnlyFortinet, Palo Alto Networks, Versa Networks, and Zscalerearned aRecommended rating, while products fromCisco, Cloudflare, and Skyhighwere ratedCautiondue to failures in critical tests.
Despite meeting our inclusion criteria and high market interest, we were unable to include Cato Networks and Netskope in this test. Netskope's high entry level licensing cost and their lack of responsiveness to our inquiries to purchase their product rendered it inaccessible. Cato was explicit in their refusal to engage with us or allow us to procure licensing for any form of independent third-party validation.
“With cloud-delivered products rapidly evolving through continuous integration and deployment, customers have little visibility into what changes under the hood,” saidVikram Phatak, CEO of CyberRatings.org. “Only by conducting regular independent testing can enterprises ensure they're not left vulnerable to silent failures that could go unnoticed for months.”
Of all the SSE test criteria,blocking evasions had the most impact on security effectiveness. Evasion techniques are used by threat actors to disguise or modify attacks, so they slip past defenses. While most products excelled at blocking known malware and exploits, three failed to stop evasions -exposing organizations to entire classes of undetected attacks.
These independent tests uniquely stress real-world evasion techniques that standard evaluations often overlook – the techniques cybercriminals rely on to bypass security measures.
The SSE evaluation was designed to reflect modern, adversarial conditions and covered:
— Malware: 6,184 malware samples in active use by global threat actors.
— Exploits: 205 exploits of known vulnerabilities.
— Evasions: 1,154 evasions spanning 37 categories of techniques.
— False Positives: 1,514 legitimate files and applications, verifying security measures do not impact users and operations.
— TLS/SSL: Encrypted attacks using cipher suites that represent ~97% of real-world HTTPS traffic.
Security Service Edge is inherently complex – a multi-layered technology stacked atop ever-changing cloud environments. Customers typically have minimal visibility into how these systems operate and testing them independently is challenging. This double-layered opacity makes third-party validation essential to diagnose performance issues, fine-tune policy enforcement, and ensure real security outcomes. CyberRatings strongly urges organizations to adoptperiodic or ongoing third-party testingto ensure consistent protection and compliance.
NSS Labs is the Official Testing Partner of CyberRatings. Keysight's CyPerftoolwas used for performance and TLS/SSL functionality, andTeraPacketsThreat Replayertool was used for exploit replay validation.
The comparative report and in-depth test reports for each product tested are available atcyberratings.org.
Additional Resources:
SSE Threat Protection Methodology v2.1
About CyberRatings.org
CyberRatings.org is a 501(c)6 non-profit organization dedicated to providing insight into the capabilities of cybersecurity products and services through independent testingprograms. We provide enterprises with independent, objective ratings of security product efficacy to make informed decisions. To become a member,visitwww.cyberratings.organd follow us on LinkedIn.
https://c212.net/c/img/favicon.png?sn=DA31297&sd=2025-07-16
View original content to download multimedia:https://www.prnewswire.com/news-releases/cyberratingsorg-test-results-reveal-critical-failures-in-sse-302506312.html
SOURCE CyberRatings.org
https://rt.newswire.ca/rt.gif?NewsItemId=DA31297&Transmission_Id=202507160600PR_NEWS_USPR_____DA31297&DateId=20250716