Skip to main content Skip to footer
CyberRatings
  • Research & Testing
    • Test Reports
      Browser Security
      Cloud Network Firewall
      Endpoint Protection
      Enterprise Firewall (formerly NGFW)
      Software-Defined Wide Area Network (SD-WAN)
      Security Service Edge (SSE) Threat Protection
      Zero Trust Network Access (ZTNA)
    • Mini TestsHow effective are the Cloud Service Provider (CSP) native cloud firewall offerings?What does "Secure by Default" mean for Security Service Edge solutions?
Our Ratings SystemResearch
  • Media
    • Blog
    • Press
    • Podcasts & Videos
  • Services
    • Test ToolsCyPerf Trial
  • NSS Labs Archive
0
Log inSign up
CyberRatings
Log inSign up
0
  • CyberRatings
  • Research & Testing
    • Browser Security
    • Cloud Network Firewall
    • Endpoint Protection
    • Enterprise Firewall (formerly NGFW)
    • Software-Defined Wide Area Network (SD-WAN)
    • Security Service Edge (SSE) Threat Protection
    • Zero Trust Network Access (ZTNA)
    • Mini Tests
    • How effective are the Cloud Service Provider (CSP) native cloud firewall offerings?
    • What does "Secure by Default" mean for Security Service Edge solutions?

    • Our Ratings System
    • Research
  • Media
    • Blog
    • Press
    • Podcasts & Videos
  • Services
    • Test ToolsCyPerf Trial
  • NSS Labs Archive
  • Log inSign up
  • CyberRatings
  • Research & Testing
    • Test Reports
    • Browser Security
    • Cloud Network Firewall
    • Endpoint Protection
    • Enterprise Firewall (formerly NGFW)
    • Software-Defined Wide Area Network (SD-WAN)
    • Security Service Edge (SSE) Threat Protection
    • Zero Trust Network Access (ZTNA)
    • Mini Tests
    • What does "Secure by Default" mean for Security Service Edge solutions?

    • Our Ratings System
    • Research
  • Media
    • Blog
    • Press
    • Podcasts & Videos
  • Services
  • NSS Labs Archive
  • Log inSign up

Read the press release on 2025 SSE Test Results

Press

« Back
« Back

CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

Protection ranged from 0.38% to 50.57% for security effectiveness.
November 26, 2024CyberRatings.orgPress

Austin, TX – November 26, 2024 – CyberRatings.org (CyberRatings), the non-profit entity dedicated to providing confidence in cybersecurity products and services through its research and testing programs, has completed an independent “Mini-Test” of Cloud Service Provider (CSP) Native Firewalls from Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Security effectiveness protection ranged from 0.38% to 50.57%.

In today’s cloud-centric environment, businesses often face a critical choice regarding the security of their cloud infrastructure. They can rely on firewalls offered directly by Cloud Service Providers (CSPs) or use independent security vendor firewall offerings typically available through the respective CSP’s marketplace. Security effectiveness is a crucial factor in selecting the right firewall solution, as it directly impacts the organization’s ability to protect against cyber threats.

The CSP firewalls were tested against 522 exploits using Keysight’s CyPerf v5.0 software testing platform, offering an evidence-based look at how well these native solutions withstand real-world security threats. Only known Common Vulnerabilities and Exposures (CVEs) from the last ten years with a severity of medium or higher were used to assess security effectiveness, usability, and protection. The exploit (CVE) types targeted servers and are typically relevant to cloud workload deployments.

Mini-Test Results:

“This was designed to be an entry level test,” said Vikram Phatak, CEO of CyberRatings.org. “The exploits were straightforward; we didn’t apply any evasions which is normally how attackers bypass security products. The number of missed exploits is concerning. Until cloud native firewalls demonstrate they have a higher level of security effectiveness to protect against cyber threats, we strongly recommend that customers consider third-party providers with a proven track record.”

This test is part one of a two-part test. Part two will include a higher number of exploits, along with evasions. The second part of the test will also compare cloud service provider native solutions against market leading third-party cloud network firewall providers.

The native firewalls were tested using Keysight’s CyPerf v5.0 software testing platform. Enterprises can easily replicate the results with a 2-week free trial from Keysight. Further details of the strike library can be found here: https://www.keysight.com/us/en/products/network-test/cloud-test/cyperf.html

Related content

How effective are the Cloud Service Provider (CSP) native cloud firewall offerings?

November 26, 2024
Mini Test

Cloud Network Firewall

Technology

CyberRatings.org Announces Test Results for Cloud Network Firewall

April 3, 2024
PRESS RELEASE

2024 Best Practices for Cloud Network Firewall Deployment

April 3, 2024
Configuration Guide

Best Practices for Cloud Network Firewall Deployment in 2024: Cloud Service Providers (CSP)

December 5, 2024
CONFIGURATION GUIDE

Exploring Cloud Service Provider Native Firewalls

December 5, 2024
BLOG

New Test of Google Cloud Platform’s Next Generation Firewall Shows Dramatic Improvement

January 21, 2025
PRESS RELEASE

Understanding Evasions and Their Significance in the Cloud Network Firewall (CNFW) Test

April 1, 2025
BLOG

CyberRatings.org Publishes Test Results on Cloud Network Firewalls

April 2, 2025
PRESS RELEASE

Sign up for our Newsletter

515 South Capital of Texas Highway
Suite 225
Austin, TX 78746

Phone: +1 (512) 333-1734

Fax: +1 (512) 727-2130

Contact Us

Research & Testing

  • Browser Security
  • Cloud Network Firewall
  • Endpoint Protection
  • Enterprise Firewall (formerly NGFW)
  • Software-Defined Wide Area Network (SD-WAN)
  • Security Service Edge (SSE) Threat Protection
  • Zero Trust Network Access (ZTNA)
Mini TestsHow effective are the Cloud Service Provider (CSP) native cloud firewall offerings?What does "Secure by Default" mean for Security Service Edge solutions?Our Ratings SystemResearch

Services

  • Test Tools
  • CyPerf Trial

Media

  • Blog
  • Press
  • Podcasts & Videos

About Us

  • Our Mission
  • Leadership

Research & Testing

  • Browser Security
  • Cloud Network Firewall
  • Endpoint Protection
  • Enterprise Firewall (formerly NGFW)
  • Software-Defined Wide Area Network (SD-WAN)
  • Security Service Edge (SSE) Threat Protection
  • Zero Trust Network Access (ZTNA)
Mini TestsHow effective are the Cloud Service Provider (CSP) native cloud firewall offerings?What does "Secure by Default" mean for Security Service Edge solutions?Our Ratings SystemResearch

Services

  • Test Tools
  • CyPerf Trial

Media

  • Blog
  • Press
  • Podcasts & Videos

About Us

  • Our Mission
  • Leadership

Copyright © 2022 - 2025 CyberRatings.org, All Rights Reserved. Use of this site governed by the Terms of Service

Privacy PolicyCopyright & Quote PolicyCookie Policy
Forgot Password?
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.
body::-webkit-scrollbar { width: 7px; } body::-webkit-scrollbar-track { border-radius: 10px; background: #f0f0f0; } body::-webkit-scrollbar-thumb { border-radius: 50px; background: #dfdbdb }