All posts
Not equally well, is the short answer. Find out which anti-virus products are consistently the best. And how we help make anti-virus improvements.
Latest reports now online
Welcome to the final set of endpoint security tests for 2016. We’ve spent the entire year scanning the internet for prevalent threats that affect real people and exposing popular security products to those same threats in real-time.
Continue reading “How well does your anti-virus really protect you?”All posts
An attack rarely ends when the malware runs. That’s just the beginning…
Latest reports now online.
Testing security software is a challenging task and it’s tempting to take clever shortcuts. However, while doing so might save the tester time and other resources, it doesn’t always produce useful results. And if the results aren’t accurate then the test becomes less valuable to you when you’re choosing which product to use.
We are big supporters of the idea of full product testing. This means installing the security product the way it was intended to be used, on systems commonly used in the real world and ensuring that every component of that product has a chance to defend the system.
In practice this means that we installed the anti-malware products tested in this report on regular PCs that are connected to a simple network that has unfiltered internet access. We visit malicious websites directly, where possible, and use a special replay system when the bad guys start to interfere with our activities.
Since the beginning of this year we started including targeted attacks in our testing. These types of attacks try to compromise the target using infected documents and browser exploits. Once an exploit has succeeded we then continue ‘hacking’ the target. This step is crucial because in many cases it is these post-exploitation hacking activities that can trigger an alert.
Full product testing doesn’t just mean turning on (or leaving enabled) all of a product’s features. It also means running a full attack as realistically as possible. Testers should not make assumptions about how a product works. You need to act like a real bad guy to understand how these products protect the system. Can anti-malware stop hacking? Test like a hacker and find out. And read our results!
These reports, for enterprises, small businesses and home users are now available for free from our website.
All posts
How can we spread the word to users and stop the spread of ransomware?
According to a recent Herjavec Group report, profits from ransomware will spiral this year to over $1bn, and next year will see further explosive growth. The main vector for ransomware is always email. The reason is simple: Ignorance of the risks equals fat profits. It’s that obvious. The solution is to stop users clicking dodgy attachments, but how?
For the seeds of a possible answer, cast your mind back in the mid-1980s. As the AIDS epidemic hit the UK, the government’s response was a huge public awareness campaign. Everyone who was around at the time remembers “AIDS: Don’t Die of Ignorance“. There were TV and radio adverts, cinema and press adverts, and every home received a frank leaflet explaining everything. Cool new condom brands popped up almost overnight (pun intended). OK, since then, infection rates have risen, but the point is it seemed to help at the time, as the sharp dip in infection rates around that time implies.
Back to 2016, and according to Get Safe Online in the year to March cybercrime cost UK businesses over £1bn. The total figure will be much higher in the coming year due to ransomware. A recent Malwarebytes report claims that over half of all UK businesses have already been hit by ransomware. 9% were completely unable to function after the attack. Only 40% of those affected didn’t pay the ransom, so a whopping 60% decided to cough up.
If this is blindingly obvious to the cybersecurity industry, and to the pundits surrounding it, it should be equally apparent to the UK government and its advisors. But where are the hard-hitting TV and adverts and the leaflet campaigns aimed at the end user? After all, it’s the end user putting themselves and the companies they work for at risk.
Ransomware awareness campaigns are happening, but they can be limited in scope. They tend to be targeted at individual sectors, and at C-level executives, rather than end users. Until public awareness changes fundamentally, ransomware will charge ahead at full speed, and so will the otherwise avoidable financial losses.
If this is a war, then the sky is black with metaphorical bombers. Can you imagine the outcry if, during WWII in Britain, people were unaware that they should not open their blackout curtains to look at the planes going over? Equate this to opening dodgy attachments to see what they are, and you begin to see the scale and seriousness of the problem.
All posts
Ransomware is a nasty category of attack that we’ve seen dominating the so-called ‘threat landscape’ in recent months. It can affect every type of computer user including home users, small businesses and even extremely large enterprises.
Anyone who stores valuable data on a computer is at risk of this digital extortion racket, which encrypts data files and offers the key to recovery for a hefty price.
Continue reading “Anti-malware vs. ransomware: latest reports”All posts
I am proud to announce the first public reports from SE Labs, a new security testing company that tests a whole range of security products, from the sort of anti-malware program you run on your home PC to complex combinations of enterprise endpoint agents and appliances. We’re calling it Next-Generation Security Testing.
The new website will be live in the next day or so, after we’ve ironed out what I hope will be the last few wrinkles. (Update: 12/05/2016 – the website is live now).
Since January 2016 we’ve been testing endpoint security products by exposing them to live web threats and targeted attacks. The results are very interesting and will probably cause some controversy.
Continue reading “SE Labs: Next-Generation Security Testing”Give us a few details about yourself and describe your inquiry. We will get back to you as soon as possible.
info@selabs.uk
Connect with us
Find us
