SE Labs

Posts filed under 'How We Test'

Endpoint Detection Compared

We compare endpoint security products directly using real, major threats.

Endpoint Detection Compared

Welcome to the first edition of the Enterprise Advanced Security test that compares different endpoint security products directly. We look at how they handle the major threats that face all businesses, from the Global 100, down to medium enterprises. And most likely small businesses, too.

Choose the best enterprise endpoint security solution

We give an overall score but also dig down into the details that your security team will care about. This report explains the different levels of coverage that these products provide.

ENDPOINT DETECTION: NEW REPORT ONLINE!

Read more >

Cyber Security DE:CODED – Testing like hackers

“When it’s not a pay-to-play test that’s behind the curtain…”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Show notes for series 2, episode 3

What does it mean to test like a hacker? Can a well-intentioned tester behave the same as a real cybercriminal?

When you’re looking for a good security test, how can you tell the useful from the misleading?

Our email accounts sit at the centre of our digital lives. We look at ways to bullet-proof your most important internet account.

We discuss these questions, and more, with Frank Duff (ex-MITRE, now Tidal Cyber), Mike Sentonas (CrowdStrike) and Siggi Stefnisson (Avast).

Security Life Hack from Daniel Cuthbert!

Read more >

Endpoint Detection and Response is more than anti-virus

Understand cybersecurity testing with visible threat intelligence.

EDR is more than antivirus

An Endpoint Detection and Response (EDR) product is more than anti-virus, which is why it requires advanced testing. This means testers must behave like real attackers, following every step of an attack.

Intelligence-led testing

While it’s tempting to save time by taking shortcuts, a tester must go through an entire attack to truly understand the capabilities of EDR security products.

Each step of the attack must be realistic too. You can’t just make up what you think bad guys are doing and hope you’re right. This is why SE Labs tracks cybercriminal behaviour and builds tests based on how bad guys try to compromise victims.

Read more >

Anti-virus certification and ELAM

A route to accessing Windows Early Launch Antimalware (ELAM).

Anti-virus certification and ELAM

Anti-malware products monitor Microsoft Windows for malware. They try to notice when new, unwanted software runs, but some malware can be extra sneaky and hide. To get ahead of the game anti-malware products can start monitoring the system early, before other software applications start. The security software then watches as the various programs load during the Windows boot-up process.

Read more >

Cyber Security DE:CODED – Firewall speeds and VPN risks

“If they are not getting any money from you, then where are they getting the money from?”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Show notes for series 2, episode 2

Is your firewall as fast as you think? What does XDR mean and how does it work? Do you need a personal VPN?

We talk to Brian Monkman (NetSecOPEN), Chad Skipper (VMware), Luis Corrons (Avast) and Daniel Cuthbert.

This episode’s Security Life Hack from Dennis Batchelder (AppEsteem)!

Read more >

Scoring Email Security Services

How seriously do you take the email threat?

Cyber criminals often use email as a way to start an attack. According to many sources email is by far the most common way that attackers try to gain access to your business and personal systems.

The UK government’s Cyber Security Breaches Survey 2022 reported that email phishing alone accounts for 83% of attacks.

Email cyber threat

But we all know that, don’t we? Because organisations, large and small, receive thousands of general and more targeted email threats every year.

EMAIL PROTECTION: NEW REPORT ONLINE!

Read more >

Security policies helping or interfering?

When security policies and security testing meet…

security policies

Security solutions can stop you getting things done. They can make mistakes, interpreting your actions as malicious. And then block your work. But they can also blindly follow security policies set by the IT department. Sometimes they do both! How can you predict which products will be most accurate after you buy them?

Custom security policies

Your business most likely doesn’t rely entirely on the detections and protections offered by security solutions. IT usually needs to make a least some configuration changes. Default settings should be good, but businesses commonly make their own adjustments. Every company has its own characteristics and one size definitely does not fit all.

Read more >

Realistic cybersecurity testing

Simulated or real attacks in cybersecurity testing?

Realistic cybersecurity testing

There are many different ways to test cybersecurity products. Most of the common approaches are useful when evaluating a service or system, but they each have pros and cons. In this article we outline the basic differences and limitations. Can you achieve realistic cybersecurity testing?

Read more >

Helping enterprises plan security

A strategic alternative to penetration testing.

Helping enterprises plan

Is Microsoft’s anti-virus good enough? Are the ‘next-gen’ endpoint products as good as they claim? Is our combination of anti-malware and whitelisting giving us full threat coverage? Enterprises are asking themselves, and SE Labs, these questions all the time. The good news is, we can help provide an answer.

Read more >

Public endpoint test notification

Call to action for security vendors.

Public endpoint test notification commentary phase

Tests that follow the AMTSO testing Standard give vendors a chance to voice their opinions.

Register your interest

SE Labs has issued a new public endpoint test notification through the Anti-Malware Testing Standards Organization (AMTSO).

Read more >

About

SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.

Contact

SE Labs Ltd
Hill Place House
55A High Street
Wimbledon
SW19 5BA

020 3875 5000

info@selabs.uk

Press