Nothing wrong with comparing against a single benchmark, regardless of how good/bad the benchmark itself is. On the other hand, how would you have gone about measuring the security of browsers in a meaningful way?