See our presentation video from the AMTSO Town Hall meeting.
Network detection and response products monitor networks for attacks. They look for related information too, to help detect and recover from breaches.
Network detection and response: TESTED!
SE Labs has applied its Enterprise Advanced Security testing methods to network detection and response products. In this video we explain how and why we test the way we do.
Endpoint protection against different types of attacker tested.
Our reports are based on ‘testing security from zero to Neo’. Their wide scope helps you choose the best anti-malware product, that can protect you from ransomware and other types of attack.
AMTSO-Compliant Test ✔
Targeted attacks come in all levels of sophistication
There seems to be no limit to the powers of cyber criminals. In 2021 the public became aware of the advanced capabilities of the NSO group, now infamous for helping governments spy on dissidents and others.
Security testing needs to be more realistic and subtle than just running malware
Your own network can provide everything that an attacker needs to achieve its goal. In many ways it’s impossible to tell the difference between an effective attacker and a good systems administrator.
Awards, Testing Advice and a 6-year Endpoint Protection Review
Our third annual report is now online. Free for all, it highlights the cybersecurity trends of this year. Which security products were the strongest? How are they tested? And how can you learn more about assessing security?
Annual Awards and Advanced Security Testing
It’s been six years since we started testing endpoint security. We’ve trawled through all of our previous reports to show an interesting summary of how various products have performed over a long period of time. See who has improved and what challenges caused some products to fail.
Ransomware is causing all the rage right now. That’s why we’ve tested products that offer protection from ransomware.
AMTSO-Compliant Test ✔
It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.
Ransomware isn’t subtle
While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.
Email ransom attacks are easy and common. It’s like ransomware, but without the clever coding. Not every hacking attack has to be sophisticated. Sometimes hackers simply demand money, with the threat of making life worse if you don’t pay.
Your Device Was Hacked
The following is an example of a non-targeted, completely opportunistic email ransom attack that threatens to expose embarrassing personal details. A ransom of $1,650 will ensure the details stay private.
SE Labs launches first public Network Detection and Response test
SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
Full attack chain test in the datacentre
By running the most realistic set of attacks possible we put NDR products to a significant challenge. Can they detect real attacks in real-time, often using unique scripts and malware? If you want to know more about advanced persistent threats on the network please read past the initial graphs in this report and dig into the detail.
How SE Labs tests and scores email security services
Email security services can do a lot to protect users from online threats. This also means a lot can go wrong too. Testing and scoring these services requires a lot of attention to detail and a scoring method that takes into account all of the possible outcomes, including unexpected ones.
Advice says, “research the app.” But where do you start with mobile app security?
Most people want to keep their mobile devices secure. But how do you know the mobile app you are going to install is safe? You can’t trust the app stores. Most Android malware comes from Google’s Play Store. The good news is there are loads of articles giving advice on how to do so. Almost inevitably, one piece of advice will be, “research the app” or “research the company”. The advice is true, because you should check things like that. But rarely does the advice go into detail, because it’s hard to research mobile app security properly! We’ll show you how.
Research the app in 6 easy(ish) steps
Researching a mobile app before you install it is important. There are plenty of fake apps out there and, possibly even worse, some that work but also include unwelcome ‘things’. These ‘things’ could be intrusive ads, extensive tracking of your behaviour or even malware.
Technology gives us tools to achieve sometimes amazing things. But no matter how advanced, it usually requires humans to make an effort.
AMTSO-Compliant Test ✔
We’ve all heard the terms, “fire and forget” or “plug and play” but these are usually marketing dreams. In security, as with any other area, you can buy tools, but you need to understand how to use them if you are going to succeed.
Archive of security product and service test results
DE:CODED Podcast
About
SE Labs Ltd is a private, independently-owned and run testing company that assesses security products and services. The main laboratory is located in Wimbledon, South London. It has excellent local and international travel connections. The lab is open for prearranged client visits.