SE Labs tested IronNet IronDefense against a range of hacking attacks.
The SE Labs Enterprise Advanced Security test is compatible with a wide range of security products and services. This includes NDR. Our latest network detection report is now available!
IronNet IronDefense vs. APTs
Our targeted attack testing is compatible with the MITRE ATT&CK framework, which means we based our work on the industry standard way to illustrate attacks.
Realism is at the core of all our security testing. No tester, ourselves included, can assume that products work in a certain way, so running a realistic test means setting up real networks and hacking them in the same way that real adversaries do.
Example test network
In this diagram you can see an example network that contains workstations, some basic infrastructure such as file servers and a domain controller, as well as cloud-based email and a malicious command and control (C&C) server. The C&C could be a conventional computer or a service such as Dropbox, Twitter, Slack or something else even more imaginative.
Attackers often jump from one compromised system to another in so-called ‘lateral movement’. To allow products to detect this type of behaviour, the tester needs to build the network realistically, with systems available, vulnerable and worth compromising.
It is possible to compromise devices such as enterprise printers and so-called ‘IoT’ (Internet of Things) machines, which is why we’ve included a representative printer in the diagram.
The real-world behaviour of online criminals largely dictates which techniques we choose for each test case. We observe their tactics and replicate what they do in this test. You can see details of how we categorise threats in our articles on the SE Labs Threat Series.