Vendor: Google
Put your focus on Business Email Compromise (BEC) scenarios
Don’t ignore Business Email Compromise test cases
Good security testing is realistic, using the kinds of threats customers see in real life. This is why we put a lot of focus on Business Email Compromise (BEC) scenarios, rather than just more conventional threat types (like generic phishing and malware).
Put focus on Business Email Compromise (BEC) scenarios
Many organisations focus on blocking spam and detecting malware, but BEC attacks present a different kind of threat. BEC targets the human element of email communication. Attackers craft convincing, fraudulent emails that appear to come from legitimate sources, tricking recipients into transferring money, sharing sensitive information or performing other actions that compromise the organisation. BEC cases are not about malware detection or basic spam filtering. Instead, they exploit trust and authority.
These attacks may bypass traditional security mechanisms because they often don’t contain malicious links or attachments. Instead, they rely on social engineering, making them incredibly dangerous and quite hard to spot by either people or technology.
The cyber security industry refers to this sequence of steps as the ‘attack chain.’ The MITRE organization has documented these stages in its ATT&CK framework. While this framework doesn’t provide an exact blueprint for real-world attacks, it offers a structured guide that testers, security vendors, and customers (like you!) can use to conduct tests and interpret the results.
How we test
SE LABS Ⓡ tested three email security services, one that is commercial, the other open-source. We also tested a commercial email platform. Each service was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public attacks that were found to be live on the internet at the time of the test.
The results indicate how effectively the services were at detecting and/or protecting against those threats in real-time and shortly after the attacks took place.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.
Does it matter if your company is hacked?
And why are some businesses overconfident that they are secure?
A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state. The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?” Does it matter if your company is hacked?!
It does matter, because when businesses are compromised it affects their ability to perform their main function: to make money.
Our reports help you choose the best enterprise and SMB security products that can protect your organisation from ransomware and other types of attacks.
Email Security Services (ESS) test: Enterprise and SMB test explained
This test examined the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.
Does it matter if your company is hacked?
There are a couple of common reasons why people don’t think their organisations will be hacked. Firstly, they think that their security is the best. Secondly, they don’t think they are a worthy target. But all businesses are targets because they are designed to make money. And if they cannot operate, they can’t perform their main function – making money.
Hackers know this and extort money from victims by stealing their data and threatening to release it to the public, exposing victims to large regulatory fines and litigation. And, of course, there’s the embarrassment factor of looking amateur. Hackers can also encrypt data on business systems, paralysing companies until they pay up.
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.
Choose your reports and reviews carefully
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.
Does it actually matter if your company is hacked?
And why are some businesses overconfident that they are secure?
Does it matter if your company is hacked? A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state. The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?” Does it matter if your company is hacked?!
It does matter, because when businesses are compromised it affects their ability to perform their main function: to make money.
Oue reports help you choose the best enterprise and SMB security products that can protect your organisation from ransomware and other types of attacks.
Email Security Services (ESS) test: Enterprise and SMB test explained
This test examined the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.
Product factsheets:
Does it matter if your company is hacked?
There are a couple of common reasons why people don’t think their organisations will be hacked. Firstly, they think that their security is the best. Secondly, they don’t think they are a worthy target. But all businesses are targets because they are designed to make money. And if they cannot operate, they can’t perform their main function – making money.
Hackers know this and extort money from victims by stealing their data and threatening to release it to the public, exposing victims to large regulatory fines and litigation. And, of course, there’s the embarrassment factor of looking amateur. Hackers can also encrypt data on business systems, paralysing companies until they pay up.
We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. Our results help vendors improve their products and buyers choose the best for their own needs.
Read this SE Labs assessment of world-leading email security products and discover how they handle well-known threats and targeted attacks.
Email security services tested
Cyber criminals often use email as a way to start an attack
A primary vector for cyber attacks, email services need to be secure. Email platforms provide one level of security while third-party companies offer additional services, claiming to increase protection.
Choose the best email security solution
Email security services don’t handle all threats in the same way. Some will be stopped dead, while others can infiltrate fully. Somewhere in the middle we see email quarantine systems, Junk folders and edited messages – emails that have their links, attachments and even the words in the message tampered with.
This tampering may effectively remove a threat, or it may not. There is a lot to assessing an email security solution!
How seriously do you take the email threat?
The approach that we take is to measure everything and then judge how important each result is. Our view is that keeping threats as far away from the user as possible is best. But sometimes security personnel need to see what’s coming in, so quarantines can be useful investigation tools. We have devised a scoring method that credits or penalises services according to our view on best outcomes.