All postsA strategic alternative to penetration testing.
Is Microsoft’s anti-virus good enough? Are the ‘next-gen’ endpoint products as good as they claim? Is our combination of anti-malware and whitelisting giving us full threat coverage? Enterprises are asking themselves, and SE Labs, these questions all the time. The good news is, we can help provide an answer.
SE Labs helps enterprises plan cyber security in a number of ways. The most obvious is by providing reports on security product effectiveness. There are reports on our website that show how different endpoint protection software compares, for example. We also look at firewall security and performance. There are reports on email security services, next-gen anti-virus and endpoint detection and response.
Not all of these reports compare products with each other. Some of our most popular reports show how a security product handles different attack groups. Instead of ‘product vs. product’ reports, we’re publishing increasing numbers of ‘product vs. bad guy’ reports.
Not all reports are public
Much of our work goes unpublished, though. Large organisations ask us to provide second or third opinions before they make huge buying decisions. They sometimes ask us to run a private test on a product, using a general environment. Alternatively, they request that we attack systems that are set up in exactly the same way as their own computers.
This starts to look like a classic penetration test, in which consultants try different ways to breach networks. The main difference is that we are testing a configuration, or combination of products and configurations. We don’t touch real production systems, which means we can be particularly brutal in how we attack. The risk to the business is zero.
You can use SE Labs to help confirm that today’s plan still works, or inform future changes.
Areas of interest
An organisation might be confident in its setup, but have concerns about a certain type of attack. For example, it might have a particular focus on ransomware. Or it might care about privilege escalation, once an attack starts to succeed. We can takes these areas of interest and tailor a test to address them specifically.
A common question businesses ask us is, “can we just use Microsoft?” It’s common for companies to use lots of different security products and Microsoft Windows has a free anti-malware feature in-built. Microsoft also provides a low-cost enterprise anti-malware product.
Companies looking to save money, or at least simplify the suite of security products in use, are interested in how Microsoft’s offerings compare with the products they are already using.
Helping enterprises plan
Some organisations want to test their general approach. For example, a medical research company might have combined a whitelisting solution with a basic anti-malware product. A media company could build a website using various free Linux intrusion detection and anti-virus solutions. An oil business considers using cloud-based web protection alongside an add-on email security service.
In all of the examples above, a test can validate a decision; support or challenge a new plan; or make recommendations for change.
If you are an enterprise that wants to discuss current or future security deployments please get in touch. We’re happy to help.
