Special Edition
Computer security testing comment and analysis from SE Labs

SE Labs CTO Stefan Dumitrascu offers some words of advice and encouragement to those considering a career in cybersecurity. And to those who may not think that they can do it!

Are you considering a career in cybersecurity? What does it take? A degree in computer science? A bag of certifications? A laptop full of stickers and a body full of tattoos and piercings? Depending on who you talk to, and which Twitter accounts you follow, you might believe you need all the above. But that’s not (necessarily) true.

Attacking the problem

At SE Labs we test security products by attacking through them, like real attackers. We are red-team testers, which means we must know how to behave like bad guys such as cybercriminals. And as our business grows we need to find people to join us.

Posted on March 5th, 2021 by Simon PG Edwards and tagged 2021, cybersecurity, education, security testing

Is trust as we know it dead?

The SolarWinds breach was arguably the most significant computer hack of the decade. At least, of those breaches that we know of. Rather than jump straight into judgement and analysis, we wanted to watch as things unfurled and provide a balanced view with facts and clear thoughts later, rather than fast attention-grabbing reactions.

Posted on February 26th, 2021 by Simon PG Edwards and tagged 2021, 2fa, authentication, cloud, cybersecurity, hacking, targeted attacks

If an EDR solution can spot an attack, why doesn’t it stop it too?

SE Labs tested Crowdstrike Falcon in this Breach Response test, pitting it against a range of hacking attacks designed to compromise systems.

This month shattered any doubt that intrusion detection technology is necessary. Large companies and other organisations that rely on compromised technology from IT management firm SolarWinds are racing to discover possible breaches.

Posted on January 19th, 2021 by Simon PG Edwards and tagged 2021, breach response, crowdstrike, cybersecurity, hacking, security testing, targeted attacks

And screaming into the abyss!

We’re all entitled to our opinions. So why is it so aggravating when “someone is wrong on the internet?”

Security forums vs. test results

People are biased. It’s natural human behaviour and not something we can correct. Not least because we have our own biases… In fact, research indicates that providing evidence to counter someone’s argument actually entrenches their initial position! Here, we’re going to explore opinions on security testing.

Posted on January 18th, 2021 by Simon PG Edwards and tagged 2021, cybersecurity, security testing, standards

Supporting open standards testing for firewalls and other network security devices

SE Labs has joined forces with testing standards organisation NetSecOPEN, aiming to improve the network appliance testing market. The result will be more accurate reports containing genuinely useful data.

SE Labs joins NetSecOPEN

SE Labs has always supported transparent, repeatable, standards-based testing of security products. By being the first mainstream security testing organisation to join NetSecOPEN, we are demonstrating our commitment to that purpose across all of our testing.

Posted on January 5th, 2021 by Simon PG Edwards and tagged 2021, cybersecurity, firewalls, network performance, network security, security testing, standards

Solid endpoint protection is a bare minimum

If it feels like new breaches are reported every week, it’s because they are. Attackers are taking no prisoners and are successfully breaking into businesses, political organisations and systems belonging to individuals. Most believe they have solid endpoint protection in place.

It’s not like a bank robbery, where the bad guys have to spend lots of time and effort to put themselves at physical risk for the sake of one big score. Ransomware extortions can happen in parallel. Criminals sit in front of screens watching piles of victims become compromised.

Posted on December 28th, 2020 by Simon PG Edwards and tagged 2020, anti-virus, cybersecurity, endpoint, hacking, review, security testing, standards, targeted attacks, test results

A set of backups may no longer be enough

A journalist asked us if we felt that ransomware attackers had evolved. But the truth of the matter is, there’s no need for them to do so judging by the large number of publicised cases in which they are able to achieve success without being too creative.

Posted on December 10th, 2020 by Simon PG Edwards and tagged 2020, anti-virus, cybersecurity, hacking, online security, predictions, ransomware, targeted attacks

And how can you tell?

If you are in charge of protecting an organisation, you need good data to help make buying decisions. The consequences of simply trusting internet reviews, vendor sales pitches and instinct are extremely serious. So which security product tests are the best?

This article first appeared on LinkedIn (17th November, 2020)

Posted on November 25th, 2020 by Simon PG Edwards and tagged 2020, anti-virus, cybersecurity, hacking, review, security testing, targeted attacks

And we’re really quite proud about it!

Our tests are so close to real-life hacking that sometimes there is no practical difference between the two. We don’t usually expect to interact directly with cyber criminals, but it sometimes happens. In this case, our attacker was rude enough to spoil our initial analysis and to leave a sexually aggressive message for our team, too. SE Labs has been hacked!

For immediate context, if you’ve never heard of SE Labs before, we are a computer security testing organisation. We expose our test systems to all manner of horrible software and people, to judge how effectively different security products work. No customer data was lost in this story!

Posted on November 9th, 2020 by Simon PG Edwards and tagged 2020, anti-virus, breach, cybersecurity, endpoint, hacking, review, security testing, targeted attacks

How fast is your firewall? And does it still protect your business when it’s busy?

SE Labs has launched its network security performance testing service. Our reports will answer questions like, “How fast is this NGFW, really?” And, “How well does it protect, even when it’s very busy?”

We have worked with the major global vendors in this area for over a year, identifying and addressing gaps in existing network performance testing. We’ve focussed on ensuring that these new tests from SE Labs are fair, honest, reliable and accurate.

These tests are the first of a new breed.

Posted on November 2nd, 2020 by Simon PG Edwards and tagged 2020, anti-virus, cybersecurity, endpoint, hacking, network, network performance, performance, review, security testing, standards, targeted attacks