    Aurora Endpoint Security achieves 100% malware defence in benchmark

    Aurora Endpoint Security has been independently benchmarked by The Tolly Group, confirming 100% protection against recent malware samples while maintaining low system resource use.

    The evaluation was conducted on Windows 11 systems and tested Aurora Endpoint Security against 1,000 recent malware samples sourced from prominent public repositories. The results showed that Aurora Endpoint Security detected and protected against all malware samples without exception, exceeding benchmark standards set by the illustrative industry composite.

    The report also measured resource consumption, with Aurora Endpoint Security averaging approximately 33% CPU utilisation during scanning. This level of resource use is almost half that of the industry composite benchmark and, according to the findings, supports continuous endpoint protection while preserving endpoint performance and user productivity.

    Expert commentary

    “Achieving perfect threat protection while maintaining such low resource utilization is rare in endpoint protection,” said Kevin Tolly, Founder at The Tolly Group. “Aurora Endpoint Security not only delivers exceptional efficacy but also does so in a way that preserves performance and productivity – two factors that are often at odds in endpoint defense solutions.”

    The Tolly Group’s assessment also highlighted several features that distinguish Aurora Endpoint Security within the endpoint detection and response (EDR) category. These include the ability to stop advanced threats at their earliest stages, maintain full detection and response even when offline, and leverage artificial intelligence (AI) to relieve the workload of security analysts.

    During evaluation, Aurora Endpoint Security successfully prevented a simulated multi-stage cyberattack before the attack chain could make any lateral progress, stopping the intrusion attempt at its earliest phase. The report also validated Aurora Endpoint Security’s full detection and response capabilities for systems that are offline – a feature identified as particularly valuable for operational technology environments and remote, disconnected assets.

    AI features

    A key aspect of the product’s usability is its integrated AI assistant. According to The Tolly Group, this system delivers contextual explanations and MITRE ATT&CK mappings directly, dispensing with the need to make external queries and thus reducing the manual workload on security teams. This can help security operations maintain focus on high-priority tasks rather than routine threat assessment and documentation.

    Industry perspective

    “Tolly’s validation confirms what our customers experience every day: Aurora Endpoint Security delivers the highest levels of endpoint protection while minimising the strain on systems and security teams,” said Dan Schiappa, president, Technology and Services. “As part of the Arctic Wolf Aurora Platform, it extends advanced prevention, detection, and response directly to the endpoint, giving organisations the speed, efficiency, and confidence they need to stay ahead of modern threats.”

    The Aurora Endpoint Security portfolio includes four solutions: Aurora Protect, Aurora Endpoint Defence, Aurora Managed Endpoint Defence On-Demand, and Aurora Managed Endpoint Defence. These offerings enable customers to implement AI-driven security measures for prevention, detection, and response at the endpoint level. Integration with the broader Arctic Wolf Aurora Platform allows the solution to use insights from a customer base in excess of 10,000 organisations and data sets that contain trillions of security observations per week.

    Critical infrastructure relevance

    For stakeholders in critical infrastructure and government, the validation by The Tolly Group provides assurance of Aurora Endpoint Security’s applicability to operational technology (OT) environments. Offline protection, in particular, is emphasised in the report as a crucial capability for entities managing remote or isolated assets under obligations such as those set out by the SOCI Act governing resilience and continuity.

     
