Zero to Neo

Targeted attacks come in all levels of sophistication

Our reports help you choose the best SMB anti-malware product that can protect you from ransomware and other types of targeted attacks.

Choose the best SMB endpoint security solution

There seems to be no limit to the powers of cyber criminals. In 2021 the public became aware of the advanced capabilities of the NSO group, now infamous for helping governments spy on dissidents and others.

Targeted targets

The SolarWinds attack compromised some of the largest organisations in the world (and my implication, their customers – and so on, down the supply chain). And the US’ largest oil pipeline company was breached, and its systems held to ransom.

Most analyses of these incidents recognise that endpoint security was attacked. As we alluded to in our annual report this year, breaches are a process. The initial stages of these famous attacks may not have involved a Windows PC but if your organisation grinds to a halt because everyone’s laptop is showing a red warning and a Bitcoin demand then the endpoint was compromised at some point. It needs protection, regardless of other security layers in play.

We include targeted attacks in our endpoint protection tests because hackers can use a variety of techniques to attack endpoints. Not all targeted attacks are as sophisticated and focussed as the automatic iPhone exploits used by the NSO Group. Sometimes a targeted attack can be as simple as someone using a basic tool downloaded from the internet. Your adversary might be your neighbour, rather than a government-backed organisation. In fact, that’s possibly more likely.

Protection is expected

It doesn’t really matter who represents a threat to you: a resourceful cyber ninja or an idiot colleague. When you or your business buys an endpoint protection product you expect it to stop attacks, sophisticated or otherwise. When you read the results in this report, remember that all it takes is one successful attack to ruin your day or your company.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Advanced Security (EDR): Kaspersky

SE Labs tested Kaspersky Endpoint Detection and Response against a range of hacking attacks. These were designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

We used full chains of attack, meaning that our testers behaved as real attackers, probing targets using a variety of tools, techniques and vectors before attempting to gain lower-level and more powerful access. Finally, the testers/ attackers attempted to complete their missions, which might include stealing information, damaging systems and connecting to other systems on the network.

In this report we explain the threats used and explore how the tested product interacts with them. You might notice a similarity between the way we present this information and the way that the MITRE ATT&CK framework illustrates threat chains. This is not a coincidence. Our goal is to share information in ways that are familiar and easily understandable by the security community and its customers.

Read more of our reports here.

SMB Ransomware Protection Tested

Red screens means red faces. Prevent, don’t pay!

Our reports help you choose the best enterprise anti-malware product that can protect you from ransomware and other types of attack

Choose the best home anti-malware solution

Ransomware is causing all the rage right now. It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.

While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.

Ransomware attacks used to be splashed around automatically. Anyone could be unlucky enough to click on the wrong link and face a red screen asking for a Bitcoin. And these ‘commodity’, untargeted ransomware attacks still exist. Some of the threats used in the making of this report are just such attacks.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Enterprise Ransomware Protection Tested

Red screens means red faces. Prevent, don’t pay!

Our reports help you choose the best enterprise anti-malware product that can protect you from ransomware and other types of attack.

Choose the best home anti-malware solution

Ransomware is causing all the rage right now. It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.

While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.

Ransomware attacks used to be splashed around automatically. Anyone could be unlucky enough to click on the wrong link and face a red screen asking for a Bitcoin. And these ‘commodity’, untargeted ransomware attacks still exist. Some of the threats used in the making of this report are just such attacks.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Ransomware Protection Tested

Red screens means red faces. Prevent, don’t pay!

Our reports help you choose the best home anti-malware product that can protect you from ransomware and other types of attack

Choose the best home anti-malware solution

Ransomware is causing all the rage right now. It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.

While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.

Ransomware attacks used to be splashed around automatically. Anyone could be unlucky enough to click on the wrong link and face a red screen asking for a Bitcoin. And these ‘commodity’, untargeted ransomware attacks still exist. Some of the threats used in the making of this report are just such attacks.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Endpoint protection needs your attention

How to get out more than you put in

Our reports help you choose the best enterprise endpoint protection for your organisation. Picking a suitable solution isn’t just a matter of scanning through testing awards. You need to look closely at what you need, what you already have and what is available.

Choose the best enterprise endpoint protection

If you were going to buy a new security fence, burglar alarm or CCTV system you would research the various options and consider how to deploy it in your very specific situation. The same should follow for endpoint protection systems. What do you really need? Are the candidates basically capable? And can you get the best out of them in your environment. We hope this report helps you answer some of these important questions.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This enterprise endpoint protection report has gone through the AMTSO certification process. This ensures that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best anti-malware solution for their own needs.

Small business endpoint protection

How to get out more than you put in

Our reports help you choose the best enterprise endpoint protection for your organisation. Picking a suitable solution isn’t just a matter of scanning through testing awards. You need to look closely at what you need, what you already have and what is available.

Choose the best anti-malware solution

If you were going to buy a new security fence, burglar alarm or CCTV system you would research the various options and consider how to deploy it in your very specific situation. The same should follow for endpoint protection systems. What do you really need? Are the candidates basically capable? And can you get the best out of them in your environment. We hope this report helps you answer some of these important questions.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This enterprise endpoint protection report has gone through the AMTSO certification process. This ensures that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best anti-malware solution for their own needs.

Read this SE Labs assessment of world-leading endpoint security products and discover how they handle well-known threats and targeted attacks.

Anti-virus needs your attention

How to get out more than you put in

Our reports help you choose the best home anti-malware solution. Picking a suitable solution isn’t just a matter of scanning through testing awards. You need to look closely at what you need, what you already have and what is available.

Choose the best home anti-malware solution

If you were going to buy a new security fence, burglar alarm or CCTV system you would research the various options and consider how to deploy it in your very specific situation. The same should follow for endpoint protection systems. What do you really need? Are the candidates basically capable? And can you get the best out of them in your environment.

For home users, a big question is: are you interested? Technically-minded folk may want powerful features that are irrelevant to people who just want to install something and forget about it. Or security experts might lock down their computers in clever ways and decide that basic anti-virus is good enough. When it comes to choosing personal security products, anti-virus needs your attention.

We hope this report helps you answer some of these important questions.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

Read this SE Labs assessment of world-leading endpoint security products and discover how they handle well-known threats and targeted attacks.

Tested products from:

Avast
AVG
Avira
Kaspersky
McAfee
Microsoft
Norton LifeLock
Sophos
Webroot

The world of cyber security sales is unclear at best

Our reports help you choose the best anti-malware solution for your organisation and your family. This latest one looks at how the most popular products handle the threats everyone faces on a daily basis, as well as the sort of targeted attack you hope never to encounter (but might).

There aren’t many resources available to help make such buying decisions. Security marketing is fraught with misleading claims. That’s not just our opinion. “Snake oil” is a common refrain among attendees of security conferences and the large companies that buy security to the tune of over one trillion dollars a year.

Choose the best anti-malware solution

SE Labs is particularly well connected in the security world. It’s partially how we have gained the trust of the security vendors themselves, and their own customers. We sit right in the middle of things, alongside the analysts who help businesses choose which vendors to work with. We provide insight into which products are right for different companies, which all have different needs.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This report has gone through the AMTSO certification process to ensure that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best for their own needs.

The world of cyber security sales is unclear at best

Our reports help you choose the best enterprise endpoint protection for your organisation. This latest one looks at how the most popular products handle the threats everyone faces on a daily basis, as well as the sort of targeted attack you hope never to encounter (but might).

Our testing is rigorous and tough. It’s hard to do well in an SE Labs test.

There aren’t many resources available to help make such buying decisions. Security marketing is fraught with misleading claims. That’s not just our opinion. “Snake oil” is a common refrain among attendees of security conferences and the large companies that buy security to the tune of over one trillion dollars a year.

Choose the best enterprise endpoint protection

SE Labs is particularly well connected in the security world. It’s partially how we have gained the trust of the security vendors themselves, and their own customers. We sit right in the middle of things, alongside the analysts who help businesses choose which vendors to work with. The work we do provides insight into which products are right for different companies, which all have different needs.

We pride ourselves on a level of transparency that elevates our work above the less open reports available. But don’t just take our word for it. This enterprise endpoint protection report has gone through the AMTSO certification process. This ensures that we say what we’re going to do; do it; and can prove it. Our results help vendors improve their products and buyers choose the best anti-malware solution for their own needs.