We deliver the most comprehensive evaluations available, go beyond checklists to measure your solution against real-world tradecraft & provide personalized next steps.
Certification
If you are in need of validation our certification is an efficient way to validate your product.​ Currently valid for VirusTotal participation.
Bespoke testing
We are always looking to help new ideas and products establish a foothold in the market by proving their value using real world methodologies.
Consultation
We offer consultation to assess your security needs and tailor a plan that fits your requirements. Let us help you enhance your security measures.
EVALUATIONS
1. Scam & Phishing
AI has lowered the bar to launch new scams and convincing phishing lures for users. Security solutions have also advanced with several security solutions offering AI Assistants tailored to tackle complex scam tactics.​
Our evaluation is platform agnostic. We use real world scenarios to test like attackers do.
The growing rise of AI Assistants in technology raises the questions of their viability and the return on investments. Our evaluations establish the key value propositions brought by these to SOC workflows using key metrics.
Detection Accuracy & False Positive Rate
Combining our APT evaluation and Cloud & Identity for the most comprehensive view
Alert Efficiency
Percentage increase of alerts using the baselined number of alerts gathered during the baselining period.
Time to Initial Understanding (TIU)
The time it takes to understand the incident.
Dwell Time
The difference between the earliest possible time of detection to moment the intrusion is detected.
Time to Contain Time to Remediate
Measured from initial exposure time to the moment of containment and moment of normal business operations resuming, respectively.
Time to Advise & Implement
Measured from TC & TR to the time it takes to compile a list of vulnerabilities, recommend actions and implement them in the organization.
Credential & Identity abuse is the most common technique for an attacker to penetrate a company.  Evaluate your solution against the first ITDR & Cloud focused tradecraft.​
Suitable for MSSP, MDR, Identity & Cloud focused solutions or Email solutions.
Identity Scenarios Metrics
Ongoing Attack Rating
Detections occurred during the attacker’s activity.
Post Compromise Rating
Any detections or enriched data after the malicious activity has occurred.
Alert Efficiency
Percentage increase of alerts using the baselined number of alerts gathered during the baselining period. (across both operations).
Cloud Scenarios Rating
Intrusion
Detection efficacy of initial delivery methods.
Infiltration
Detection efficacy of actions on the initial target.
Propagation
Detection efficacy of actions taken to spread through the target organization.
Evaluate your solution performance across diverse industry verticals to benchmark your products ability to minimise operational downtime to businesses during a live ransomware surge. ‍
Key Metrics
Definitive Cross-Industry Activity
Assess a product efficacy across multiple industries.
Evaluate your solution against our innovative APT tradecraft. The most comprehensive Detection and Response testing assessing security efficacy, soft features and false positives.  ​
Suitable for EDR, NDR, XDR solutions
Efficacy Ratings
Detection
Measures the detection capabilities
Protection
Prevention focused scenario capabilities
False Positives
Scenario based legitimate accuracy rating
Capabilities assessment
Intrusion
Customisability of response options for responders to improve future detections
Infiltration
The variety of options available to a responder during an attack
Propagation
Detailed information of responses during an attack
Looking to highlight your product's real-world protection capabilities? Our Real World Protection certification programme demonstrates how effectively your solution prevents and responds to real-world threats—giving you the evidence you need to stand out in a competitive market.​
The certification requirements are 97% Protection in our Attack Rating.
If you are in need of certification for VirusTotal we can help by providing our malware scanning test in line with AMTSO best practices. The certification is performed according to AMTSO's Fundamental Principles of Testing using samples from the Real-Time Threat List.​
The certification requirements are 100% Â detection rate of the malicious corpus of samples and 0% false positive rate. Read more by downloading the methodology below.
How are your tests different from a typical pentest or vulnerability scan?
Artifact Security provides independent, bespoke security testing and assessment services. Instead of just running generic scans, tests are designed around each client’s real systems, threats, and goals so they reveal practical attack paths and concrete fixes.
Our reports are not just pentest reports. They are designed for all your stakeholders & team members.
What types of organizations do you work with?
Artifact typically works with three groups: -> Enterprises with complex or regulated environments. -> Security vendors who need independent testing of their products. -> High‑growth startups preparing to sell into enterprises or regulated sectors.
How often should we repeat testing?
At minimum, significant testing should be repeated after major changes in architecture or product, or annually if your environment is stable. High‑change or high‑risk organizations often move toward more frequent or continuous assessment.
How do you handle confidentiality and data protection?
Non‑disclosure agreements are standard. Only the minimum data needed for testing is accessed, access is logged, and all artifacts are stored and retained under strict controls and for agreed periods. Sensitive details in reports can be further restricted on request.
Can I give feedback on the methodologies or reports?
We pride ourselves in our transparency. If something is unclear please don't hesitate to contact us below. Always striving to offer you better services & products :)
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
