Special Edition
Computer security testing comment and analysis from SE Labs

Can EDR really stop advanced targeted attacks?

SE Labs tested Coronet Cyber Security Coro against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

Full attack chain EDR test

There are many opportunities to spot and stop attackers. Products can detect them when attackers send phishing emails to targets. Or later, when other emails contain links to malicious code. Some kick into action when malware enters the system. Others sit up and notice when the attackers exhibit bad behaviour on the network.

Posted on May 5th, 2023 by SE Labs Team and tagged 2023, Coronet Cyber Security, cybersecurity, EAS, enterprise, hacking, security testing, targeted attacks, test results

How businesses and home users can make improvements to protect themselves

The number of stories in the mainstream press about the devastation that hackers cause is proof enough as to who has the upper hand in the cyber war today. But there is still plenty that people can do to increase their protection by understanding the common failure points.

Posted on April 4th, 2023 by Simon PG Edwards and tagged 2023, Cyber Essentials, cybersecurity, ransomware, security testing, test like hackers

SE Labs runs second cybersecurity education programme for schools

About Level:Up

SE Labs is running its Level:Up security education programme for the second year in a row, partnering with local schools to provide a thorough cybersecurity overview specifically created for key stage 4 and key stage 5 students.

The programme will take place from the 10^th to the 14^th of July 2023, and will be based at our offices in Wimbledon from 10:00 to 15:00 each day.

Posted on March 28th, 2023 by SE Labs Team and tagged 2023, cybersecurity, education, hacking, LEVEL:UP, security testing

Computer processors get the final word when running programs. Can they judge bad code from good?

Is ransomware detection using hardware possible? We look at Intel’s approach to improving ransomware detection.

All malware has to run on a target to achieve its goal. Whether it’s a remote access Trojan, a wild internet worm or devastating ransomware, malware is most likely software that has to run on a PC of some sort. The anti-virus software industry tries to detect and stop these threats, but news headlines suggest it’s not winning the war.

Posted on March 22nd, 2023 by SE Labs Team and tagged 2023, amd, cybersecurity, hardware-assisted security, Intel, obfuscation, ransomware, security testing, TDT, test results, vpro

“Because we test realistically, sometimes bad guys come onto our test network and mess with us”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 9 (final episode of series 2)

What is the attack chain? Why is it good to test using full attack chains? And what are some of the alternative approaches, with their pros and cons? We’ll try to answer all of these questions and more in this special presentation episode recorded at the AVAR conference in Singapore in December 2022.

Posted on February 22nd, 2023 by SE Labs Team and tagged 2023, attack chain, cloud, cybersecurity, enterprise, hacking, home user, podcast, small business, targeted attacks, test like hackers, testing

“If they chose the best products by rolling a dice then they should say so”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 8

If we’ve given the impression that we’re at the heart of the security world, working with the organisations that spend billions on security – and with the companies that make billions by selling security products – you’d be right. And that puts us in an awkward position. Because we want to make security better for everyone. And sometimes that means speaking some uncomfortable truths.

This episode is the uncomfortable truth episode.

Posted on January 25th, 2023 by SE Labs Team and tagged 2023, Anti-Malware Testing Standards Organization, cloud, cybersecurity, enterprise, hacking, home user, podcast, security testing, small business, standards, targeted attacks

Three reasons our security tests are the most trustworthy

This security report compares anti-malware products. Its job is to help you make informed buying decisions. We applied advanced testing techniques to ensure that the results are meaningful. The same cannot be said for many other tests. I’d say you’ve picked a good one to read, here. Let’s prove that.

Security report checklist

There are a few questions you should ask when you look at a security report. These are all very important but in random order here they are:

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Posted on December 22nd, 2022 by SE Labs Team and tagged 2022, cybersecurity, fake reviews, security testing, standards, test results

“Every SMB is an expert in something. A passion. It’s probably not anti-virus…”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 7

Small business and Managed Service Provider special!

• Do small businesses face the same cyber threats as large organisations?
• Are your security solutions 100% effective? And how do you pick a good one?
• Where are the opportunities for MSPs to add value and make more money?

In June 2022*, we set up a panel of security experts to help and advise companies selling managed security services. Managed Service Providers (MSPs) need to choose a set of security solutions that they can use or possibly resell to their small business clients, known as SMBs.

The clients face the same cyber threats as large organisations, but they’re far less equipped to handle them.

We answer all of these questions and more with special guests Martin Lee from Cisco, Chad Skipper from VMware, and Luis Corrons from Avast.

Security Life Hack from John Hawes (AMTSO)!

Posted on November 30th, 2022 by SE Labs Team and tagged 2022, Apple, cloud, Cyber Essentials, cybersecurity, hacking, living off the land, Microsoft, phishing, physical security, podcast, RaaS, ransomware as a service, security poverty, small business, social engineering, targeted attacks, threat intelligence

300 ways to run a ransomware attack!

SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.

Test like ransomware hackers

Testers attacked target systems, protected by CrowdStrike Falcon. Our testers in the lab acted in the same way as we observe ransomware groups to behave on the internet.

Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.

Posted on October 25th, 2022 by SE Labs Team and tagged 2022, crowdstrike, cybersecurity, falcon, ransomware, security testing, standards, test results

“We see the worst, because it’s helped us to evolve to pick up on threats and dangers. But it’s not that helpful for life in the 21st century.”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 6

Mental health is an important but often misunderstood area, full of prejudice and technical jargon. How can we look after ourselves better at work and in our personal lives?

Post-pandemic, we take stock on the mental impacts of working from home and isolated environments.

And now we’re facing hybrid working. Can we take control?

Is this the right time to take stock and address any issues we can identify to stay happier?

Protective factors can keep us going but, when they disappear, we can experience problems.

We address all of these issues and more, with special guest Olly Church (The Eleos Partnership).

Security Life Hack from Luis Corrons (Avast)!

Posted on October 25th, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, home user, mental health, podcast, small business