And are attackers using it to breach your network?
Artificial Intelligence is ruling the stock market and may be on the verge of ruling the world if you believe the business influencers. If it’s as powerful as some say, surely AI can protect your Windows systems from hackers?
The products our new EPS test almost certainly rely on AI-related technologies to detect and protect against attacks. These technologies have been running in the background for about 20 years. We can argue that not only does anti-virus/ endpoint protection use AI, but it’s been doing so for many years, and certainly before Cylance claimed to be the first.
But I did something sneaky there. I slid in the word ‘-related’. Because when people talk about ChatGPT and other popular ‘AI’ tools, they are usually talking about something else. They are amazed by the utility of Machine Learning (ML) systems, which appear to be able to mimic human thought in a rather magical way.
ML is a subset of AI, so it’s related to AI but it isn’t capable of thought. It cannot reason, in the way that we hope future AI systems will. It is great at recognising patterns, but it can make mistakes and it’s not very good at understanding why it makes those mistakes.
As I wrote this introduction, I asked ChatGPT for a fun fact about SE Labs. It claimed we had run a cyber security ‘bake-off’ that involved employees baking “virus-shaped cupcakes [and] firewall-layered cakes. That sounds fun, and maybe we should do it, but we haven’t, so it’s not a fact. Fun or otherwise.
(I corrected ChatGPT, which responded, “You’re right, I made that up in an attempt to be fun and creative.” Maybe tomorrow’s robot overlords will be “fun and creative” and it won’t be so bad if they take over.)
Being able to match patterns is incredibly useful for cyber security tools, because attackers behave in largely similar ways, with small variations. ML can often detect new variations. Attackers can use ML, as indeed does SE Labs when creating some new threats, to try to evade detection. It’s a cat-and-mouse game, with both sides using computer brainpower to detect or escape detection.
“Turn it off and on again.” This global IT support advice is known to everyone, from Peppa Pig (Mummy Pig at Work) to The IT Crowd (every episode). But why? Why does rebooting a complex computer system solve so many problems? And why am I referring to British TV comedy in a serious report about computer security? We will answer one of those questions here.
Announcing the SE Labs Annual Security Awards 2024. We celebrate security vendors for their exceptional performance in both rigorous testing and real-world feedback from customers. These awards stand as a unique recognition within the industry, acknowledging the mix of strong lab work and practical success.
Best New Endpoint Award
Joining the SE Labs testing program is a serious commitment. Our assessments are renowned as the most stringent in the industry. Only the highest calibre products earn coveted A, AA, or AAA awards.
We always welcome new entrants to our tests and it’s incredibly satisfying to work with partners who work to solve problems as well as to celebrate victories.
The winner of this year’s Best New Endpoint Award is SentinelOne.
Best Network Detection and Response Award
Achieving robust security hinges on comprehensively grasping the capabilities and intentions of potential threats to your IT infrastructure. Endpoint Detection and Response (EDR) serves as the frontline defence, actively identifying, thwarting, and dissecting cyber threats lurking within your network. An optimal solution empowers security teams, streamlining their efforts and enhancing their effectiveness in safeguarding your digital assets.
The winner of this year’s Best Network Detection and Response Award is VMware.
Best Product Development Award
Our testing engagements whether public or private, provide vast amounts of information that can be used to improve and strengthen security products. Our award winner has taken our work and run with it, improving the security of their customers and making life significantly harder for attackers. We commend their adeptness and efficacy with this award.
The winner of this year’s Best Product Development Award is Check Point.
Best Managed Service Provider Solution Award
Following our conversations within the community and rigorous testing, we created shortlist of exceptional companies that support their partners in keeping their MSP and partner community informed of the ever-evolving threat landscape.
The winner of this year’s Best Managed Service Provider Solution Award is Sophos.
Best Email Security Service Award
Email is the primary vector for cyber threats. As such, there is much opportunity for email security services to stop cyber attacks at their earliest stages. With the rising menace of targeted assaults, often leveraging sophisticated social engineering tactics, the imperative for email security services to evolve and counter such threats becomes ever more pressing. This year’s champion has consistently showcased its prowess in discerning malicious intent from legitimate communication, reaffirming its role as a stalwart defender against digital adversaries.
The winner of this year’s Best Email Security Service Award is Trellix.
Best Next Generation Firewall Award
In our evaluations of firewalls, we conduct thorough tests that put their data sheets to the real-world challenge. We assess how swiftly data moves through these devices while adhering to security protocols, gauge their resilience against attacks amid heavy legitimate traffic, and evaluate the ease of managing these complexities. Our award winner has excelled across the board, showcasing outstanding performance and resilience.
The winner of this year’s Best Next Generation Firewall Award is Cisco.
Best Innovator Award
As attackers continually evolve their tactics, security vendors must remain innovative in their approach to detecting and thwarting these threats. Mere marketing buzzwords like “machine learning” are insufficient to earn our coveted Innovator award. Products must demonstrate exceptional effectiveness and deliver substantial added value to your security arsenal to merit recognition. It’s not just about fancy labels; it’s about tangible, impactful solutions that elevate your defence capabilities in the ever-changing landscape of cyber threats.
The best security involves having a good understanding of your enemy and the extent of the impact they could make (or have already made) on your IT infrastructure. Endpoint Detection and Response serve as the frontline guardians, actively identifying, halting, and delving into cyber threats within the network. A superior solution not only empowers security teams but also streamlines their efforts, enhancing overall effectiveness in combating evolving threats.
The winner of this year’s Best Endpoint Detection and Response Award is CrowdStrike.
Best Enterprise Endpoint Solution Award
A comprehensive endpoint security solution is fundamental to safeguarding enterprise networks from increasingly sophisticated threats. The Best Enterprise Endpoint Solution award chooses a product that goes beyond protection, delivering robust, scalable security across all devices within an organisation’s infrastructure. This solution excels at not only defending against known and emerging threats but also at seamlessly integrating with enterprise workflows, enabling swift detection, intelligent response, and proactive prevention.
The winner of this year’s Best Enterprise Endpoint Solution Award is Broadcom.
Best Small Business Endpoint Award
Small businesses face unique cyber security challenges, often balancing limited resources with the need for effective protection against ever-evolving threats. The Best Small Business Endpoint Solution award recognises a solution that provides enterprise-grade security tailored to the needs of smaller organisations. This award-winning solution offers easy deployment and reliable protection across all endpoints without requiring a dedicated security team.
The winner of this year’s Best Small Business Endpoint Award is ESET.
Best Home Anti-Malware Award
Personal devices and home networks face a wide array of digital threats, making effective malware protection essential for safeguarding privacy and data. The Best Home Anti-Malware Solution award recognises a product that delivers robust, easy-to-use protection against viruses and malicious software. This solution combines powerful threat detection with intuitive features that keep users informed, ensuring seamless, proactive security.
The winner of this year’s Best Home Anti-Malware Award goes to Kaspersky.
Best Free Anti-Malware Award
Effective security should be accessible to everyone, and the Best Free Anti-Malware Solution award celebrates a product that delivers high-quality protection at no cost. This award-winning solution stands out for its robust defence against a wide range of threats, all without compromising on essential features. With a user-friendly design and reliable threat detection, it empowers users to secure their devices and data effortlessly.
The winner of this year’s Best Free Anti-Malware award is Microsoft.
Ransomware is the most visible, most easily understood cyber threat affecting businesses today. Paralysed computer systems mean stalled business and loss of earnings. We tested CrowdStrike Falcon’s endpoint security vs. ransomware.
Endpoint protection is a critical component of any organisation’s cybersecurity strategy. And if it’s critical then you should test it and additionally, have others run assessments too.
Working out which endpoint protection product is right for your organisation requires a lot of thought.
Each product on the market has a pile of features and they don’t all do exactly the same thing. But at the very least, they should detect and stop malware threats. That should be your baseline when choosing between them. In this blog post, we explain how we test so you can judge which endpoint protection products are best for your organisation.
We compare endpoint security products directly using real, major threats
How can you test and judge endpoint protection products? SE Labs tested a variety of Endpoint Detection and Response products against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
EDR products require advanced testing
An Endpoint Detection and Response (EDR) product is more than anti-virus, which is why it requires advanced testing. This means testers must behave like real attackers, following every step of an attack.
And why are some businesses overconfident that they are secure?
A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state.
The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?”
Email Security Services test: Enterprise and Small Business test explained
This report examines the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.
Can you defend against email threats better than the security companies?
How well do the main email platforms handle threats? Is it worth paying for additional email security from a third-party specialist? Or could you create your own secure email server and get top grade protection for free?
Compare a major email platform with a third-party service and an open-source solution
In this special, one-of-a-kind report we investigate how well one of the world’s largest email providers performs when trying to filter out harmful security threats from your email. We also assess the benefits of a well-known email security service that you can bolt onto any other email solution. And finally, we built an open-source email server running a combination of security and management tools to see how well it compared.
Anti-virus, or endpoint security plays an essential part in protecting Windows PCs. Whether you are working in the world’s largest enterprise, or using a small personal laptop, you need a last line of defence against attacks that use malicious code to steal or damage your data.
Are you a believer?
Some people have doubts about how useful anti-virus can be. Their opinions might be out of date, or they might believe marketing claims designed to push new products and discredit the competition.
At SE Labs we test endpoint security all the time, so we know what’s true and what belongs in the post-truth world. Here are the top five antivirus myths, busted!
All posts
