SE Labs

Posts filed under 'Analysis'

DE:CODED – Selling Security: The Insider’s Guide

“You’re thinking: How much truth is in that report?”

DE:CODED is the official podcast from SE Labs.

Listen on Apple Podcasts Listen on Spotify Listen on Google Podcasts Listen on Stitcher

ALL EPISODES


Show notes for series 1, episode 5

Companies spend trillions on cyber security each year. But how do they decide which products and services are the best?

Read more >

What does a breach look like?

Understand what a real hacking attack looks like to the attacker and defenders

breach visualisation

The IT security world is rocked by news of breach after breach, including the shocking disclosure of the SolarWinds attack. Data is stolen, deleted or corrupted and… well you know. It’s a total mess. Journalists focus on basic outcomes, while technical blogs look at esoteric technical details. We’ve explained, in laymen’s terms, what a breach looks like from an attacker’s point of view. And from the position of the defenders.

Read more >

SolarWinds Breach – After the Storm

Is trust as we know it dead?

The blind leading the blind. Supply chain attacks brought into focus by the SolarWinds breach

The SolarWinds breach was arguably the most significant computer hack of the decade. At least, of those breaches that we know of. Rather than jump straight into judgement and analysis, we wanted to watch as things unfurled and provide a balanced view with facts and clear thoughts later, rather than fast attention-grabbing reactions.

Read more >

Internet opinions on security tests

And screaming into the abyss!

opinions on security tests

We’re all entitled to our opinions. So why is it so aggravating when “someone is wrong on the internet?”

Security forums vs. test results

People are biased. It’s natural human behaviour and not something we can correct. Not least because we have our own biases… In fact, research indicates that providing evidence to counter someone’s argument actually entrenches their initial position! Here, we’re going to explore opinions on security testing.

Read more >

2020: year of the breach

Solid endpoint protection is a bare minimum

Solid endpoint protection

If it feels like new breaches are reported every week, it’s because they are. Attackers are taking no prisoners and are successfully breaking into businesses, political organisations and systems belonging to individuals. Most believe they have solid endpoint protection in place.

It’s not like a bank robbery, where the bad guys have to spend lots of time and effort to put themselves at physical risk for the sake of one big score. Ransomware extortions can happen in parallel. Criminals sit in front of screens watching piles of victims become compromised.

Read more >

Ransomware evolved – Persistent Ransomware Attack

A set of backups may no longer be enough

Ransomware infecting backup tape

A journalist asked us if we felt that ransomware attackers had evolved. But the truth of the matter is, there’s no need for them to do so judging by the large number of publicised cases in which they are able to achieve success without being too creative.

Read more >

How reliable are security product tests?

And how can you tell?

Security product tests

If you are in charge of protecting an organisation, you need good data to help make buying decisions. The consequences of simply trusting internet reviews, vendor sales pitches and instinct are extremely serious. So which security product tests are the best?

This article first appeared on LinkedIn (17th November, 2020)

Read more >

SE Labs has been hacked…

And we’re really quite proud about it!

SE Labs has been hacked

Our tests are so close to real-life hacking that sometimes there is no practical difference between the two. We don’t usually expect to interact directly with cyber criminals, but it sometimes happens. In this case, our attacker was rude enough to spoil our initial analysis and to leave a sexually aggressive message for our team, too. SE Labs has been hacked!

For immediate context, if you’ve never heard of SE Labs before, we are a computer security testing organisation. We expose our test systems to all manner of horrible software and people, to judge how effectively different security products work. No customer data was lost in this story!

Read more >

Network Security Performance Testing Evolved

How fast is your firewall? And does it still protect your business when it’s busy?

network security performance testing

SE Labs has launched its network security performance testing service. Our reports will answer questions like, “How fast is this NGFW, really?” And, “How well does it protect, even when it’s very busy?”

We have worked with the major global vendors in this area for over a year, identifying and addressing gaps in existing network performance testing. We’ve focussed on ensuring that these new tests from SE Labs are fair, honest, reliable and accurate.

These tests are the first of a new breed.

Read more >

Serial Hackers

How we run our Breach Response testing, and why

Breach response testing

In this blog post our CTO Stefan Dumitrascu explains some of the challenges behind our newly launched Breach Response testing, why things are now different (better) and the background on how we came to make some of our decisions.

One of our most exciting projects this year has been the Breach Response testing programme. In this article we explain what has changed since last year, and why.

Read more >

About

SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.

Contact

SE Labs Ltd
Hill Place House
55A High Street
Wimbledon
SW19 5BA

020 3875 5000

info@selabs.uk

Press