SE Labs

Special Edition
Computer security testing comment and analysis from SE LABS Ⓡ

IronNet IronDefense detecting APTs on the network

SE Labs tested IronNet IronDefense against a range of hacking attacks.

ironnet irondefense

The SE Labs Enterprise Advanced Security test is compatible with a wide range of security products and services. This includes NDR. Our latest network detection report is now available!

IronNet IronDefense vs. APTs

Our targeted attack testing is compatible with the MITRE ATT&CK framework, which means we based our work on the industry standard way to illustrate attacks.

Download the report now! (free – no registration)

Realism is at the core of all our security testing. All testers, including ourselves, can’t assume that products work in a certain way, so running a realistic test means setting up real networks and hacking them in the same way that real adversaries do.

Example test network

In this diagram you can see an example network that contains workstations, some basic infrastructure such as file servers and a domain controller, as well as cloud-based email and a malicious command and control (C&C) server. The C&C could be a conventional computer or a service such as Dropbox, Twitter, Slack or something else even more imaginative.

This network is set up to be hacked

Attackers often jump from one compromised system to another in so-called ‘lateral movement’. To allow products to detect this type of behaviour the tester needs to build the network realistically, with systems available, vulnerable and worth compromising.

It is possible to compromise devices such as enterprise printers and so called ‘IoT’ (Internet of Things) machines, which is why we’ve included a representative printer in the diagram.

Sign up to our monthly business and personal security newsletters.

The real-world behaviour of online criminals largely dictates which techniques we choose for each test case. We observe their tactics and replicate what they do in this test. You can see details of how we categorise threats in our articles on the SE Labs Threat Series.

Featured podcast:

Find out more

Free security test reports

Stay in touch

Get tested

Discover how we work with large organisations and security vendors.

  • Do you run a large organisation’s security infrastructure and want an assessment?
  • Are you a security vendor that needs certification?
  • SE Labs anti-virus certification can help security vendors access Windows Early Launch Antimalware (ELAM).

Please contact us now.


SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.


SE Labs Ltd
Hill Place House
55A High Street
SW19 5BA