Security vendor services

SE Labs works closely with companies that make and sell security products and services to provide evaluation, validation and quality assurance services.

Our assessments are available for products at pre- and post-production stages. We also work with partners to continually monitor a product’s performance through its life cycle.

What do we test?

We test security products that are designed to protect endpoints, networks and mobile services. This includes cloud-based protection services, Endpoint Detection and Response (EDR) applications, anti-virus solutions and Intrusion Detection and Protection Systems (IDS/IPS).

Public vs private testing

Our public reports show your potential clients how your products compare with the competition and, arguably more importantly, how they handle adversaries.

Private testing is available to validate a product’s abilities to private clients, potential investors or prepare for third-party testing such as MITRE’s ATT&CK tests.

Knowledge and analysis combined with lab results

We specialise in providing consultancy on security product effectiveness. Our oversight of the threat landscape and the security market is invaluable in helping you really understand the strengths and weaknesses of your product. Our analysis uniquely combines deep knowledge of threats, products and lab work.

The tests

The range of tests that we conduct include, but are not limited to:

Breach Response Test (BRT)

This test exposes a product, which could be an endpoint-, cloud- or appliance-based product, to a range of advanced targeted attacks. BRT tests produce stand-alone reports that do not directly compare products from different vendors and can be considered an extension to a MITRE ATT&CK Evaluation.

We conduct these tests using a range of engagement levels, include high-interaction projects in which our team works directly with yours to help develop a product’s detection and protection abilities.

BRT reports can be conducted privately or publicly. Public reports are available on our website in the Reports section.

Email Security Services Protection (ESSP)

This test uses a combination of general and targeted attacks to assess the effectiveness of email security services against threats including phishing, business email compromise (BEC), social engineering and malware. The first of its kind, the ESSP test can be considered as an email penetration test service and is trusted by major email platforms and email security start-ups alike.

Endpoint Protection (EPP)

Our landmark security test that set our approach as the most detailed and accurate in the world, the EPP test analyses how endpoint products handle malware, exploits and targeted attacks. It can be conducted publicly or privately. Public comparative tests are available on our website in the Reports section, which includes results for products suited to enterprises, small businesses and home users.

On-Demand Malware Detection certification

This certification verifies that a product can detect known and previously unknown malware, independently from third-party scanners. Our ODAMD certification is accepted by VirusTotal as a valid independent certification for new scanners hoping to join its community.

Find out more

SE Labs analysis is trusted by a wide range of world-leading enterprises, analysts and media. We are ISO / IEC 27001 : 2013 certified and BS EN ISO 9001 : 2015 certified for The Provision of IT Security Product Testing. All our methodologies are available in the Reviewers Guide section of our website and, where appropriate, we run our tests under the AMTSO Standard.

Contact us now to start a conversation and find out how we can best help.

Existing clients can log into our results portal for in-depth insights into their products’ performance.

Sign up to our newsletter to receive all of the newsletters we send to our clients and yours, as well as announcements related to our testing activities.