Special Edition
Computer security testing comment and analysis from SE Labs

How seriously do you take the email threat?

Cyber criminals often use email as a way to start an attack. According to many sources email is by far the most common way that attackers try to gain access to your business and personal systems.

The UK government’s Cyber Security Breaches Survey 2022 reported that email phishing alone accounts for 83% of attacks.

Email cyber threat

But we all know that, don’t we? Because organisations, large and small, receive thousands of general and more targeted email threats every year.

EMAIL PROTECTION: NEW REPORT ONLINE!

Posted on June 10th, 2022 by SE Labs Team and tagged 2022, cybersecurity, email security, enterprise, security testing, small business, standards, test results

“I have a PC… I like their delete key, which doesn’t exist on the Mac.”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 1

Can Microsoft solve security? Do you need anti-virus on your smartphone? And are Macs more secure than PCs?

We ask Eugene Kaspersky (Kaspersky) and Christian Seifert (Microsoft).

This episode’s Security Life Hack from Mikko Hyppönen (WithSecure)!

Posted on May 25th, 2022 by SE Labs Team and tagged 2022, cloud, cybersecurity, enterprise, hacking, home user, physical security, podcast, security life hack, security vendor, small business, social engineering, targeted attacks

The first security technique you should master!

Security planning can make your life easier to manage. It’s easy to become paralysed when you consider all of the threats that exist and all of the possible solutions. You can’t buy every security product available and you certainly shouldn’t even try.

There are risks that we all face (let’s call those ‘general risks’) and risks that are quite specific to you (‘individual risks’).

Security planning for anyone, whether you are the CEO of a large enterprise or a retired amateur gardener, should take into account what risks you (specifically) face and the consequences of something bad actually happening.

General risks

In this article we’re going to focus on cybersecurity, but the principles apply to any area of your life. In the computing world there are three major threats that we all face:

Posted on May 24th, 2022 by Simon PG Edwards and tagged 2022, cybersecurity, home user, infosecurity principles, insurance, online security, physical security, security, small business, threat profiling

All episodes of DE:CODED, Series Two

Find all of the episodes from the award-winning DE:CODED Series Two in one handy place.

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Posted on May 16th, 2022 by SE Labs Team and tagged 2022, Apple, cloud, cybersecurity, enterprise, Google, hacking, home user, Microsoft, physical security, podcast, security vendor, small business, social engineering, targeted attacks

When security policies and security testing meet…

Security solutions can stop you getting things done. They can make mistakes, interpreting your actions as malicious. And then block your work. But they can also blindly follow security policies set by the IT department. Sometimes they do both! How can you predict which products will be most accurate after you buy them?

Custom security policies

Your business most likely doesn’t rely entirely on the detections and protections offered by security solutions. IT usually needs to make a least some configuration changes. Default settings should be good, but businesses commonly make their own adjustments. Every company has its own characteristics and one size definitely does not fit all.

Posted on May 3rd, 2022 by Simon PG Edwards and tagged 2022, configuration, cybersecurity, enterprise, security testing

Simulated or real attacks in cybersecurity testing?

There are many different ways to test cybersecurity products. Most of the common approaches are useful when evaluating a service or system, but they each have pros and cons. In this article we outline the basic differences and limitations. Can you achieve realistic cybersecurity testing?

Posted on April 20th, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, penetration testing, realism, realistic cybersecurity testing, security testing, simulated attacks, standards, test like hackers

A strategic alternative to penetration testing.

Is Microsoft’s anti-virus good enough? Are the ‘next-gen’ endpoint products as good as they claim? Is our combination of anti-malware and whitelisting giving us full threat coverage? Enterprises are asking themselves, and SE Labs, these questions all the time. The good news is, we can help provide an answer.

Posted on April 13th, 2022 by Simon PG Edwards and tagged 2022, buying decision, configuration, cybersecurity, enterprise, hacking, security testing, standards, targeted attacks

Call to action for security vendors.

Tests that follow the AMTSO testing Standard give vendors a chance to voice their opinions.

Register your interest

SE Labs has issued a new public endpoint test notification through the Anti-Malware Testing Standards Organization (AMTSO).

Posted on April 11th, 2022 by SE Labs Team and tagged 2022, AMTSO, Anti-Malware Testing Standards Organization, cybersecurity, security testing, security vendor, standards

By understanding the rules of security testing.

The reports below contain security testing results. You can compare the performance of a variety of products that claim to protect you against online threats. This, in theory, will help individuals and businesses choose the best security product.

AMTSO-Compliant Test ✔

Rules of engagement

But these are free reports. How can you trust that the high-scoring vendors didn’t just pay for their ranking? Do you suspect that some low-scoring vendors dropped out of the report? Or asked to be retested until they scored better?

What are the rules behind the scenes in security testing?

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Posted on April 8th, 2022 by Simon PG Edwards and tagged 2022, cybersecurity, enterprise, home user, security testing, small business, standards, test results

SE Labs tested IronNet IronDefense against a range of hacking attacks.

The SE Labs Enterprise Advanced Security test is compatible with a wide range of security products and services. This includes NDR. Our latest network detection report is now available!

IronNet IronDefense vs. APTs

Our targeted attack testing is compatible with the MITRE ATT&CK framework, which means we based our work on the industry standard way to illustrate attacks.

Posted on March 15th, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, network security, security testing, standards, test results