Awards, Testing Advice and a 6-year Endpoint Protection Review
Our third annual report is now online. Free for all, it highlights the cybersecurity trends of this year. Which security products were the strongest? How are they tested? And how can you learn more about assessing security?
Annual Awards and Advanced Security Testing
It’s been six years since we started testing endpoint security. We’ve trawled through all of our previous reports to show an interesting summary of how various products have performed over a long period of time. See who has improved and what challenges caused some products to fail.
Ransomware is causing all the rage right now. That’s why we’ve tested products that offer protection from ransomware.
It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.
Ransomware isn’t subtle
While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.
Email ransom attacks are easy and common. It’s like ransomware, but without the clever coding. Not every hacking attack has to be sophisticated. Sometimes hackers simply demand money, with the threat of making life worse if you don’t pay.
Your Device Was Hacked
The following is an example of a non-targeted, completely opportunistic email ransom attack that threatens to expose embarrassing personal details. A ransom of $1,650 will ensure the details stay private.
SE Labs launches first public Network Detection and Response test
SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
Full attack chain test in the datacentre
By running the most realistic set of attacks possible we put NDR products to a significant challenge. Can they detect real attacks in real-time, often using unique scripts and malware? If you want to know more about advanced persistent threats on the network please read past the initial graphs in this report and dig into the detail.
How SE Labs tests and scores email security services
Email security services can do a lot to protect users from online threats. This also means a lot can go wrong too. Testing and scoring these services requires a lot of attention to detail and a scoring method that takes into account all of the possible outcomes, including unexpected ones.
Advice says, “research the app.” But where do you start with mobile app security?
Most people want to keep their mobile devices secure. But how do you know the mobile app you are going to install is safe? You can’t trust the app stores. Most Android malware comes from Google’s Play Store. The good news is there are loads of articles giving advice on how to do so. Almost inevitably, one piece of advice will be, “research the app” or “research the company”. The advice is true, because you should check things like that. But rarely does the advice go into detail, because it’s hard to research mobile app security properly! We’ll show you how.
Research the app in 6 easy(ish) steps
Researching a mobile app before you install it is important. There are plenty of fake apps out there and, possibly even worse, some that work but also include unwelcome ‘things’. These ‘things’ could be intrusive ads, extensive tracking of your behaviour or even malware.
Technology gives us tools to achieve sometimes amazing things. But no matter how advanced, it usually requires humans to make an effort.
We’ve all heard the terms, “fire and forget” or “plug and play” but these are usually marketing dreams. In security, as with any other area, you can buy tools, but you need to understand how to use them if you are going to succeed.
Legal firms vs. data security: How to solve the tension between lawyers, their IT teams, clients and data security
Traditional ways of working in the legal world clash with modern technology and tech-savvy clients. Outdated law firm tech might be safe, but it makes customers unhappy.
There is a tension between lawyers, their IT teams and their clients. Law firms don’t like to recognise this, at least publicly. But there is a clash between “the way things are done”, customer service and the convenience provided by modern technology.
SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.