SE Labs

Posts tagged 'enterprise'

3 ways attackers bypass Multi-Factor Authentication

And 3 ways to stop them.

bypass Multi-Factor Authentication

Multi-Factor Authentication (MFA) is much more popular than it used to be. It’s easy to use and the enhanced security that it provides is supported by many services. But it’s not bulletproof. It is possible to bypass Multi-Factor Authentication.

How to get past the best security measures since the password was invented

The proliferation of mobile devices that support MFA in various different ways has helped make it a convenient option for users and life much harder for attackers, who need to develop ways to get around it. So, of course, they do.

In this report we examine how attackers manage to bypass Multi-Factor Authentication, a security measure that seems rock solid on the face of it.

Read more >

Endpoint Detection Compared

We compare endpoint security products directly using real, major threats

Endpoint Detection Compared

How can you test and judge endpoint protection products? SE Labs tested a variety of Endpoint Detection and Response products against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

EDR products require advanced testing

An Endpoint Detection and Response (EDR) product is more than anti-virus, which is why it requires advanced testing. This means testers must behave like real attackers, following every step of an attack.

Read more >

Does it matter if your company is hacked?

And why are some businesses overconfident that they are secure?

Does it matter if your company is hacked?

A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state.

The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?”

AMTSO Compliant

Email Security Services test: Enterprise and Small Business test explained

This report examines the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.

Read more >

DIY email security

Can you defend against email threats better than the security companies?

How well do the main email platforms handle threats? Is it worth paying for additional email security from a third-party specialist? Or could you create your own secure email server and get top grade protection for free?

Compare a major email platform with a third-party service and an open-source solution

In this special, one-of-a-kind report we investigate how well one of the world’s largest email providers performs when trying to filter out harmful security threats from your email. We also assess the benefits of a well-known email security service that you can bolt onto any other email solution. And finally, we built an open-source email server running a combination of security and management tools to see how well it compared.

EMAIL PROTECTION: NEW REPORT ONLINE!

Read more >

Top five antivirus myths busted

And why do we still believe them?

Top five antivirus myths busted

Anti-virus, or endpoint security plays an essential part in protecting Windows PCs. Whether you are working in the world’s largest enterprise, or using a small personal laptop, you need a last line of defence against attacks that use malicious code to steal or damage your data.

AMTSO Compliant

Are you a believer?

Some people have doubts about how useful anti-virus can be. Their opinions might be out of date, or they might believe marketing claims designed to push new products and discredit the competition.

At SE Labs we test endpoint security all the time, so we know what’s true and what belongs in the post-truth world. Here are the top five antivirus myths, busted!

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Read more >

Early protection systems

Can EDR really stop advanced targeted attacks?

Early protection systems

SE Labs tested Coronet Cyber Security Coro against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

Full attack chain EDR test

There are many opportunities to spot and stop attackers. Products can detect them when attackers send phishing emails to targets. Or later, when other emails contain links to malicious code. Some kick into action when malware enters the system. Others sit up and notice when the attackers exhibit bad behaviour on the network.

Read more >

Cyber Security DE:CODED Series Two

All episodes of Cyber Security DE:CODED, Series Two

New episodes on the last Wednesday of the month.

Find all of the episodes from the award-winning Cyber Security DE:CODED podcast in one handy place.

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2 | Series 3 (in production)

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Find all of the episodes from Cyber Security DE:CODED Series Two here. Use the Subscribe links above to connect our podcast with your favourite podcast platform and ensure you get the next episodes before anyone else.

Episodes

Bonus episodes

Read more >

Cyber Security DE:CODED – Full attack chain testing

“Because we test realistically, sometimes bad guys come onto our test network and mess with us”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2 | Series 3 (in production)

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Show notes for series 2, episode 9 (final episode of series 2)

What is the attack chain? Why is it good to test using full attack chains? And what are some of the alternative approaches, with their pros and cons? We’ll try to answer all of these questions and more in this special presentation episode recorded at the AVAR conference in Singapore in December 2022.

Read more >

Cyber Security DE:CODED – Cheating in security testing

“If they chose the best products by rolling a dice then they should say so”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2 | Series 3 (in production)

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Show notes for series 2, episode 8

If we’ve given the impression that we’re at the heart of the security world, working with the organisations that spend billions on security – and with the companies that make billions by selling security products – you’d be right. And that puts us in an awkward position. Because we want to make security better for everyone. And sometimes that means speaking some uncomfortable truths.

This episode is the uncomfortable truth episode.

Read more >

Cyber Security DE:CODED – Mental health challenges

“We see the worst, because it’s helped us to evolve to pick up on threats and dangers. But it’s not that helpful for life in the 21st century.”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Listen on Apple Podcasts Listen on Spotify

Series 1 | Series 2 | Series 3 (in production)

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS


Show notes for series 2, episode 6

Mental health is an important but often misunderstood area, full of prejudice and technical jargon. How can we look after ourselves better at work and in our personal lives?

Post-pandemic, we take stock on the mental impacts of working from home and isolated environments.

And now we’re facing hybrid working. Can we take control?

Is this the right time to take stock and address any issues we can identify to stay happier?

Protective factors can keep us going but, when they disappear, we can experience problems.

We address all of these issues and more, with special guest Olly Church (The Eleos Partnership).

Security Life Hack from Luis Corrons (Avast)!

Read more >

About

SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.

Contact

SE Labs Ltd
Hill Place House
55A High Street
Wimbledon
SW19 5BA

info@selabs.uk

Press