See our presentation video from the AMTSO Town Hall meeting.
Network detection and response products monitor networks for attacks. They look for related information too, to help detect and recover from breaches.
Network detection and response: TESTED!
SE Labs has applied its Enterprise Advanced Security testing methods to network detection and response products. In this video we explain how and why we test the way we do.
The Enterprise Advanced Security testing programme includes new attack groups.
Our Enterprise Advanced Security (EAS) tests can assess any security software, hardware appliance, cloud service or combination thereof. Always evolving, these tests have expanded to include new attacks.
(These tests were originally called the Breach Response test. We renamed them for a number of reasons.)
Hackers and the way they hack
Research on real attacker behaviour is a fundamental element of our EAS testing. Our team looks at the real-world behaviour of advanced threat groups, known as Advanced Persistent Threats (APTs).
Real-world security reports don’t always reflect your real world.
What makes a real-world security test useful? Does it need to provide a full assessment of a product or service? An assessment that is directly relevant for all potential customers? Or does it need to give just a taste of how effective a product can be?
The perfect security test
Tests can vary in how they are run and the level of information that they provide. Not all tests are equally reliable or even useful. But one thing they all have in common is that they aren’t perfect. Let’s look at how tests are limited, how you can interpret them and what the future holds.
False positives are not all equal. Or always real false positives!
Security tests ought to test for ‘false positives’. It’s important to see if a security product stops something good on a customer’s system, as well as the bad stuff.
Measuring the balance in security
Almost nothing in this world can be reduced accurately to ‘good’ or ‘bad’. There is too much subtlety: what’s good for one person is bad for another. Someone else might feel neutral about it, or slightly positive or negative. The same applies when testing security products. It’s rare to get a straightforward good/bad result.
An anti-malware product might block all threats but also all useful programs. It might ask the user frequent and unhelpful questions like, “Do you want to run this ‘unknown’ file?” Alternatively, it might let everything run quietly. Or prevent some things from running without warning or explanation. Maybe you want to see alerts, but maybe you don’t.
We look at how to put the nuance back into security testing.
Endpoint protection against different types of attacker tested.
Our reports are based on ‘testing security from zero to Neo’. Their wide scope helps you choose the best anti-malware product, one that can protect you from ransomware and other types of attack.
Targeted attacks come in all levels of sophistication
There seems to be no limit to the powers of cyber criminals. In 2021 the public became aware of the advanced capabilities of the NSO group, now infamous for helping governments spy on dissidents and others.
Security testing needs to be more realistic and subtle than just running malware
Your own network can provide everything that an attacker needs to achieve its goal. In many ways it’s impossible to tell the difference between an effective attacker and a good systems administrator.
Awards, Testing Advice and a 6-year Endpoint Protection Review
Our third annual report is now online. Free for all, it highlights the cybersecurity trends of this year. Which security products were the strongest? How are they tested? And how can you learn more about assessing security?
Annual Awards and Advanced Security Testing
It’s been six years since we started testing endpoint security. We’ve trawled through all of our previous reports to show an interesting summary of how various products have performed over a long period of time. See who has improved and what challenges caused some products to fail.
Ransomware is all the rage right now. That’s why we’ve tested products that offer protection from ransomware.
It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!). There is also a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.
Ransomware isn’t subtle
While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.
Email ransom attacks are easy and common. They’re like ransomware, but without the clever coding. Not every hacking attack has to be sophisticated. Sometimes hackers simply demand money, with the threat of making life worse if you don’t pay.
Your Device Was Hacked
The following is an example of a non-targeted, completely opportunistic email ransom attack that threatens to expose embarrassing personal details. A ransom of $1,650 will ensure the details stay private.
SE Labs launches first public Network Detection and Response test
SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
Full attack chain test in the datacentre
By running the most realistic set of attacks possible, we put NDR products to a significant challenge. Can they detect real attacks in real time, often using unique scripts and malware? If you want to know more about advanced persistent threats on the network, please read past the initial graphs in this report and dig into the detail.