Working out which endpoint protection product is right for your organisation requires a lot of thought.
Each product on the market has a pile of features and they don’t all do exactly the same thing. But at the very least, they should detect and stop malware threats. That should be your baseline when choosing between them. In this blog post, we explain how we test so you can judge which endpoint protection products are best for your organisation.
We compare endpoint security products directly using real, major threats
How can you test and judge endpoint protection products? SE Labs tested a variety of Endpoint Detection and Response products against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
EDR products require advanced testing
An Endpoint Detection and Response (EDR) product is more than anti-virus, which is why it requires advanced testing. This means testers must behave like real attackers, following every step of an attack.
And why are some businesses overconfident that they are secure?
A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state.
The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?”
Email Security Services test: Enterprise and Small Business test explained
This report examines the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.
Can you defend against email threats better than the security companies?
How well do the main email platforms handle threats? Is it worth paying for additional email security from a third-party specialist? Or could you create your own secure email server and get top grade protection for free?
Compare a major email platform with a third-party service and an open-source solution
In this special, one-of-a-kind report we investigate how well one of the world’s largest email providers performs when trying to filter out harmful security threats from your email. We also assess the benefits of a well-known email security service that you can bolt onto any other email solution. And finally, we built an open-source email server running a combination of security and management tools to see how well it compared.
Anti-virus, or endpoint security, plays an essential part in protecting Windows PCs. Whether you are working in the world’s largest enterprise, or using a small personal laptop, you need a last line of defence against attacks that use malicious code to steal or damage your data.
Are you a believer?
Some people have doubts about how useful anti-virus can be. Their opinions might be out of date, or they might believe marketing claims designed to push new products and discredit the competition.
At SE Labs we test endpoint security all the time, so we know what’s true and what belongs in the post-truth world. Here are the top five antivirus myths, busted!
SE Labs tested Coronet Cyber Security Coro against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
Full attack chain EDR test
There are many opportunities to spot and stop attackers. Products can detect them when attackers send phishing emails to targets. Or later, when other emails contain links to malicious code. Some kick into action when malware enters the system. Others sit up and notice when the attackers exhibit bad behaviour on the network.
Computer processors get the final word when running programs. Can they judge bad code from good?
Is ransomware detection using hardware possible? We look at Intel’s approach to improving ransomware detection.
All malware has to run on a target to achieve its goal. Whether it’s a remote access Trojan, a wild internet worm or devastating ransomware, malware is most likely software that has to run on a PC of some sort. The anti-virus software industry tries to detect and stop these threats, but news headlines suggest it’s not winning the war.
Three reasons our security tests are the most trustworthy
This security report compares anti-malware products. Its job is to help you make informed buying decisions. We applied advanced testing techniques to ensure that the results are meaningful. The same cannot be said for many other tests. I’d say you’ve picked a good one to read, here. Let’s prove that.
Security report checklist
There are a few questions you should ask when you look at a security report. These are all very important but, in random order, here they are:
SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.
Test like ransomware hackers
Testers attacked target systems protected by CrowdStrike Falcon. Our testers in the lab acted in the same way as we observe ransomware groups behaving on the internet.
Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.
Thank you for opening this report. We hope you’ll be able to use it to get a better idea about which anti-malware products you might want to buy (or get rid of!)
What do the awards mean?
The report starts off with a list of products, each of which wins impressive-looking awards. But have you considered what those awards mean? How come there aren’t any massive losers in the list? How hard is this security test anyway?
About
SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.