All posts

Deep and direct ransomware testing

300 ways to run a ransomware attack!

Deep and Direct Ransomware Testing

SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.

Test like ransomware hackers

Testers attacked target systems, protected by CrowdStrike Falcon. Our testers in the lab acted in the same way as we observe ransomware groups to behave on the internet.

Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.

Continue reading “Deep and direct ransomware testing”
All posts

Anti-virus testing

How hard should a security test be?

Anti-virus testing

Anti-virus testing



Thank you for opening this report. We hope you’ll be able to use it to get a better idea about which anti-malware products you might want to buy (or get rid of!)

What do the awards mean?

The report starts off with a list of products, each of which win impressive-looking awards. But have you considered what those awards mean? How come there aren’t any massive losers in the list? How hard is this security test anyway?

Continue reading “Anti-virus testing”
All posts

Endpoint detection compared

We compare endpoint security products directly using real, major threats.

Endpoint Detection Compared

Welcome to the first edition of the Enterprise Advanced Security test that compares different endpoint security products directly. We look at how they handle the major threats that face all businesses, from the Global 100, down to medium enterprises. And most likely small businesses, too.

Choose the best enterprise endpoint security solution

We give an overall score but also dig down into the details that your security team will care about. This report explains the different levels of coverage that these products provide.

Continue reading “Endpoint detection compared”
All posts

Cyber Security DE:CODED – Testing like hackers

“When it’s not a pay-to-play test that’s behind the curtain…”

Show notes for series 2, episode 3

What does it mean to test like a hacker? Can a well-intentioned tester behave the same as a real cybercriminal?

When you’re looking for a good security test, how can you tell the useful from the misleading?

Our email accounts sit at the centre of our digital lives. We look at ways to bullet-proof your most important internet account.

We discuss these questions, and more, with Frank Duff (ex-MITRE, now Tidal Cyber), Mike Sentonas (CrowdStrike) and Siggi Stefnisson (Avast).

Security Life Hack from Daniel Cuthbert!

Continue reading “Cyber Security DE:CODED – Testing like hackers”
All posts

Endpoint Detection and Response is more than anti-virus

Understand cybersecurity testing with visible threat intelligence.

EDR is more than antivirus

An Endpoint Detection and Response (EDR) product is more than anti-virus, which is why it requires advanced testing. This means testers must behave like real attackers, following every step of an attack.

Intelligence-led testing

While it’s tempting to save time by taking shortcuts, a tester must go through an entire attack to truly understand the capabilities of EDR security products.

Each step of the attack must be realistic too. You can’t just make up what you think bad guys are doing and hope you’re right. This is why SE Labs tracks cybercriminal behaviour and builds tests based on how bad guys try to compromise victims.

Continue reading “Endpoint Detection and Response is more than anti-virus”
All posts

Anti-virus certification and ELAM

A route to accessing Windows Early Launch Antimalware (ELAM).

Anti-virus certification and ELAM

Anti-malware products monitor Microsoft Windows for malware. They try to notice when new, unwanted software runs, but some malware can be extra sneaky and hide. To get ahead of the game anti-malware products can start monitoring the system early, before other software applications start. The security software then watches as the various programs load during the Windows boot-up process.

Continue reading “Anti-virus certification and ELAM”
All posts

Cyber Security DE:CODED – Firewall speeds and VPN risks

“If they are not getting any money from you, then where are they getting the money from?”

Show notes for series 2, episode 2

Is your firewall as fast as you think? What does XDR mean and how does it work? Do you need a personal VPN?

We talk to Brian Monkman (NetSecOPEN), Chad Skipper (VMware), Luis Corrons (Avast) and Daniel Cuthbert.

This episode’s Security Life Hack from Dennis Batchelder (AppEsteem)!

Continue reading “Cyber Security DE:CODED – Firewall speeds and VPN risks”
All posts

Scoring Email Security Services

How seriously do you take the email threat?

Cyber criminals often use email as a way to start an attack. According to many sources email is by far the most common way that attackers try to gain access to your business and personal systems.

The UK government’s Cyber Security Breaches Survey 2022 reported that email phishing alone accounts for 83% of attacks.

Email cyber threat

But we all know that, don’t we? Because organisations, large and small, receive thousands of general and more targeted email threats every year.

Continue reading “Scoring Email Security Services”
All posts

Security policies helping or interfering?

When security policies and security testing meet…

security policies

Security solutions can stop you getting things done. They can make mistakes, interpreting your actions as malicious. And then block your work. But they can also blindly follow security policies set by the IT department. Sometimes they do both! How can you predict which products will be most accurate after you buy them?

Custom security policies

Your business most likely doesn’t rely entirely on the detections and protections offered by security solutions. IT usually needs to make a least some configuration changes. Default settings should be good, but businesses commonly make their own adjustments. Every company has its own characteristics and one size definitely does not fit all.

Continue reading “Security policies helping or interfering?”
All posts

Realistic cybersecurity testing

Simulated or real attacks in cybersecurity testing?

Realistic cybersecurity testing

There are many different ways to test cybersecurity products. Most of the common approaches are useful when evaluating a service or system, but they each have pros and cons. In this article we outline the basic differences and limitations. Can you achieve realistic cybersecurity testing?

Continue reading “Realistic cybersecurity testing”

Contact us

Please contact us and we will get back to you as soon as possible.


Get in touch

Feel free to reach out to us with any questions or inquiries

info@selabs.uk Connect with us Find us