All reports

09/2024 - 09/2024

Email Security Services (ESS): Enterprise and Small Business 2024

ess

Put your focus on Business Email Compromise (BEC) scenarios

Don’t ignore Business Email Compromise test cases

Good security testing is realistic, using the kinds of threats customers see in real life. This is why we put a lot of focus on Business Email Compromise (BEC) scenarios, rather than just more conventional threat types (like generic phishing and malware).

Put focus on Business Email Compromise (BEC) scenarios

Many organisations focus on blocking spam and detecting malware, but BEC attacks present a different kind of threat. BEC targets the human element of email communication. Attackers craft convincing, fraudulent emails that appear to come from legitimate sources, tricking recipients into transferring money, sharing sensitive information or performing other actions that compromise the organisation. BEC cases are not about malware detection or basic spam filtering. Instead, they exploit trust and authority.

These attacks may bypass traditional security mechanisms because they often don’t contain malicious links or attachments. Instead, they rely on social engineering, making them incredibly dangerous and quite hard to spot by either people or technology.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

The cyber security industry refers to this sequence of steps as the ‘attack chain.’ The MITRE organization has documented these stages in its ATT&CK framework. While this framework doesn’t provide an exact blueprint for real-world attacks, it offers a structured guide that testers, security vendors, and customers (like you!) can use to conduct tests and interpret the results.


How we test

SE LABS Ⓡ tested three email security services, one that is commercial, the other open-source. We also tested a commercial email platform. Each service was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public attacks that were found to be live on the internet at the time of the test.


The results indicate how effectively the services were at detecting and/or protecting against those threats in real-time and shortly after the attacks took place.

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

07/2024 - 09/2024

Endpoint Protection (EPS): SMB 2024 Q3

eps
Cyber Security Protection has Evolved

Cyber Security Protection has Evolved


Top-tier anti-virus solutions are undeniably ‘next-generation’. This term was introduced nearly a decade ago by newcomers to the industry: a marketing device designed to compete with almost unassailable anti-malware brands.

“Stop using that tired old anti-virus and try the new, improved approach! No more mistakes. No updates. Full protection!” Problem solved. Except in 2024 I don’t think anyone would claim that malware is a thing of the past.

Cyber security protection has evolved and the leading vendors have embraced advanced technologies to stay ahead of increasingly sophisticated threats. Traditional anti-virus relies solely (or mostly) on signature-based detection. That’s not enough to defend against modern-day attacks like ransomware, file-less malware and zero-day exploits.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Cyber security protection has evolved

Next-generation anti-virus is now the benchmark for the best security solutions. These systems go far beyond the old-fashioned model of looking for known malware signatures. Instead, they use a combination of machine learning, artificial intelligence and behavioural analysis to monitor how programs and processes behave in real-time.

How we test

We tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real-time.

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

04/2024 - 06/2024

Endpoint Protection (EPS): SMB 2024 Q2

eps
Is AI able to protect your Windows systems?

Is AI able to protect your Windows systems?

And are attackers using it to breach your network? Artificial Intelligence is ruling the stock market and may be on the verge of ruling the world if you believe the business influencers. If AI is as powerful as some say, surely it should be able to protect our windows systems from hackers?

The products in this test almost certainly rely on AI-related technologies to detect and protect against attacks. These technologies have been running in the background for about 20 years. We can argue that not only does anti-virus/ endpoint protection use AI, but it’s been doing so for many years, and certainly before Cylance claimed to be the first.

But I did something sneaky there. I slid in the word ‘-related’. Because when people talk about ChatGPT and other popular ‘AI’ tools, they are usually talking about something else. They are amazed by the utility of Machine Learning (ML) systems, which appear to be able to mimic human thought in a rather magical way.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

01/2024 - 03/2024

Endpoint Protection (EPS): Small Business 2024 Q1

eps
Lift your org's security into top 1%

Lift your org’s security into the top 1%

Back to security basics, lift your org’s security into top 1%. It’s a shocking statistic, but most businesses don’t have a cyber security plan. Given the lack of general interest in cyber security, it’s no wonder that ransomware and less obvious threats are running riot through computer systems all over the world.


The same old cliched advice still applies to everyone:

  • Apply security patches when available.
  • Back up your important data.
  • Use multi-factor authentication.
  • Use endpoint protection.



If that sounds painfully basic and boring, I’m sorry. But it’s still the best advice out there. You don’t need AI, blockchain or other magical concepts to raise yourself to the top 1% of secure internet users.


If you want to know which endpoint protection to use, this report will help you or your business choose. There is, of course, more to cyber security than choosing an ‘anti-virus’ program though!

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

10/2023 - 12/2023

Endpoint Security (EPS): SMB 2023 Q4

Essential endpoint security

Essential Endpoint Security

Realistic attacks for useful results

Critical Endpoint Protection Evaluations

Keeping your organisation safe from online threats requires strong endpoint protection. It’s not just important – it’s crucial. So, it’s a good idea to regularly check how well it’s working. Essential endpoint security means checking if the security tools on devices like desktops, laptops, and mobiles actually do their job. Why? Because these devices are often the target of online attacks. If they’re not protected, they can become a way for cybercriminals to get to your sensitive information.

Our reports help you choose the best home anti-malware product that can protect you from ransomware and other types of attacks.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

How we test endpoint protection for small businesses

SE Labs brings a wealth of experience to the table when it comes to testing endpoint protection. We firmly believe in the necessity of conducting these tests regularly to ensure that security vendors are consistently updating and enhancing their effectiveness. Our testing approach involves recreating real-world cyberattack situations, allowing us to assess the performance of endpoint security solutions in terms of detection, prevention, and mitigation.

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

07/2023 - 09/2023

Endpoint Security (EPS): SMB 2023 Q3

Critical Endpoint Protection

Critical Endpoint Protection

Realistic attacks for useful results

Endpoint protection is a critical component of any organisation’s cybersecurity strategy

If it’s critical then you should test it. Testing endpoint protection involves evaluating the effectiveness of the security solutions that are deployed on endpoint devices. Devices such as desktops, laptops and mobile devices. Endpoint protection testing is necessary because endpoints are often the target of cyberattacks and can be used as a gateway to gain access to sensitive data.

Our reports help you choose the best home anti-malware product that can protect you from ransomware and other types of attacks.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

SE Labs has extensive experience in endpoint protection testing. We have found that it is essential to conduct these tests regularly to ensure that the security vendors are keeping them up-to-date and effective. Our testing methodology involves replicating real-world cyberattack scenarios and evaluating how well the endpoint security solutions perform in detecting, preventing, and mitigating those attacks.

One of the key aspects of endpoint protection testing is the use of realistic attack scenarios. Our team of experts analyses the latest threat intelligence and creates attack scenarios that closely mimic the tactics, techniques, and procedures used by real-world cybercriminals. By doing so, we can determine how well the endpoint security solutions perform in detecting and preventing these attacks.

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

04/2023 - 06/2023

Endpoint Security (EPS): Small Business 2023 Q2

How can you test and judge endpoint protection products?

How can you test and judge endpoint protection products?

Back to basics

How can you test and judge endpoint protection products?

Working out which endpoint protection product is right for your organisation requires a lot of thought. Each product on the market has a pile of features and they don’t all do exactly the same thing. But at the very least, they should detect and stop malware threats. That should be your baseline when choosing between them. In our latest Endpoint Security (EPS) reports we test and judge endpoint protection products of many of the main brands, and we tell you how we do it.

Our reports help you choose the best home anti-malware product that can protect you from ransomware and other types of attack.

How we test endpoint protection products

Testing security technology is rarely simple. We’ve talked about online anti-virus reviews before, and how they can be too basic to help make sensible buying decisions. But we don’t have to get bogged down in
details here. Let’s get back down to basics. What should endpoint protection products do and how does SE Labs test them?

  1. Firstly, we install different anti-malware solutions onto real PCs – the sort you have on or under your desk. Then we attack those computers using threats we’ve found on the internet and using targeted attacks that we’ve built in our lab. Fundamentally, we behave like real attackers. It’s the purest kind of test.
  2. Secondly, we then score products on their performance. They get points for detecting the threat and further credit if they actually stop the attack. If they prevent the attack from running at all they score top marks for ‘blocking’ the threat.
  3. Lastly, we introduce good emails, websites and programs to the targets. If a security product blocks those, we deduct a lot of points because they are hampering users from using their computers properly.

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Read this SE Labs assessment of world-leading endpoint security products and discover how they handle well-known threats and targeted attacks.

All reports

01/2023 - 03/2023

Email Security Services (ESS): Small Business 2023 Q1

Does it matter if your company is hacked?

Does it actually matter if your company is hacked?

And why are some businesses overconfident that they are secure?

Does it matter if your company is hacked? A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state. The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?” Does it matter if your company is hacked?!

It does matter, because when businesses are compromised it affects their ability to perform their main function: to make money.

Oue reports help you choose the best enterprise and SMB security products that can protect your organisation from ransomware and other types of attacks.

Email Security Services (ESS) test: Enterprise and SMB test explained

This test examined the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Product factsheets:

Does it matter if your company is hacked?

There are a couple of common reasons why people don’t think their organisations will be hacked. Firstly, they think that their security is the best. Secondly, they don’t think they are a worthy target. But all businesses are targets because they are designed to make money. And if they cannot operate, they can’t perform their main function – making money.

Hackers know this and extort money from victims by stealing their data and threatening to release it to the public, exposing victims to large regulatory fines and litigation. And, of course, there’s the embarrassment factor of looking amateur. Hackers can also encrypt data on business systems, paralysing companies until they pay up.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.

Read this SE Labs assessment of world-leading email security products and discover how they handle well-known threats and targeted attacks.

All reports

01/2023 - 03/2023

Endpoint Security (EPS): Small Business 2023 Q1

Five Antivirus Myths Busted

Five Antivirus Myths Busted

And why do we still believe them?

Antivirus, or endpoint security plays an essential part in protecting Windows PCs. Whether you are working in the world’s largest enterprise, or using a small personal laptop, you need a last line of defence against attacks that use malicious code to steal or damage your data.



Our reports help you choose the best SMB anti-malware product that can protect you from ransomware and other types of attack.

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Five antivirus myths busted!

  1. Anti-virus slows your computer.
  2. Anti-virus only stops viruses.
  3. You must pay for great protection.
  4. Detection means protection.
  5. Updates are no longer necessary.

If you want to know more about anti-virus and the myths around it, check out our podcast episode Is Anti-Virus Dead?

Choose your reports and reviews carefully

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.

All reports

04/2023 - 04/2023

Annual Report 2023: Threat Intelligence for 2023

Annual Report 2023

Cyber Threat Intelligence

Annual Report 2023: Threat Intelligence for 2023

Welcome to the fourth annual report from SE Labs. This edition focuses on cyber threat intelligence.

Understanding threats is crucial when trying to defend against them. Knowing your enemy’s tactics helps clarify security planning.

We use threat intelligence when testing security products, to ensure our results are useful to companies facing real threats in the real world.

We’re sharing our insights here to help you build a strategy for success in the face of the global cyber threat.

What are the Threats?

We explore the current threats and explain why so many organisations remain vulnerable. There’s good news and bad news…

Loader Loading…
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download

Ransomware

Learn about the very latest innovations in testing anti-ransomware security approaches.

Annual Security Awards

Our Annual Security Awards recognises security vendors that not only do well in our tests, but perform well in the real world with real customers. These awards are the only in the industry that recognise strong lab work combined with practical success.

How we work (and could work with you!)

Discover which types of tests we run and how we can work with you to improve your product or your choice of products.

Contact us

Give us a few details about yourself and describe your inquiry. We will get back to you as soon as possible.

Get in touch

Feel free to reach out to us with any questions or inquiries

info@selabs.uk Connect with us Find us