SE Labs tested IronNet IronDefense against a range of hacking attacks.
The SE Labs Enterprise Advanced Security test is compatible with a wide range of security products and services. This includes NDR. Our latest network detection report is now available!
IronNet IronDefense vs. APTs
Our targeted attack testing is compatible with the MITRE ATT&CK framework, which means we based our work on the industry standard way to illustrate attacks.
See our presentation video from the AMTSO Town Hall meeting.
Network detection and response products monitor networks for attacks. They look for related information too, to help detect and recover from breaches.
Network detection and response: TESTED!
SE Labs has applied its Enterprise Advanced Security testing methods to network detection and response products. In this video we explain how and why we test the way we do.
False positives are not all equal. Or always real false positives!
Security tests ought to test for ‘false positives’. It’s important to see if a security product stops something good on a customer’s system, as well as the bad stuff.
Measuring the balance in security
Almost nothing in this world can be reduced to ‘good’ or ‘bad’ accurately. There is too much subtlety: what’s good for one person is bad for another. Someone else might feel neutral about it, or slightly positive or negative. The same applies when testing security products. It’s rare to get a straightforward good/ bad result.
An anti-malware product might block all threats but also all useful programs. It might ask the user frequent and unhelpful questions like, “Do you want to run this ‘unknown’ file?” Alternatively, it might let everything run quietly. Or prevent some things from running without warning or explanation. Maybe you want to see alerts, but maybe you don’t.
We look at how to put the nuance back into security testing.
Endpoint protection against different types of attacker tested.
Our reports are based on ‘testing security from zero to Neo’. Their wide scope helps you choose the best anti-malware product, that can protect you from ransomware and other types of attack.
Targeted attacks come in all levels of sophistication
There seems to be no limit to the powers of cyber criminals. In 2021 the public became aware of the advanced capabilities of the NSO group, now infamous for helping governments spy on dissidents and others.
Awards, Testing Advice and a 6-year Endpoint Protection Review
Our third annual report is now online. Free for all, it highlights the cybersecurity trends of this year. Which security products were the strongest? How are they tested? And how can you learn more about assessing security?
Annual Awards and Advanced Security Testing
It’s been six years since we started testing endpoint security. We’ve trawled through all of our previous reports to show an interesting summary of how various products have performed over a long period of time. See who has improved and what challenges caused some products to fail.
Ransomware is causing all the rage right now. That’s why we’ve tested products that offer protection from ransomware.
It’s the type of threat that gets attention because a successful attack is extremely visible (the attacker needs you to know it’s worked, or you won’t pay!) Also, there is a direct and substantial cost attached to it. In addition to paying security specialists to help, there’s a fat ransom demand sitting on your screen.
Ransomware isn’t subtle
While much hacking is subtle, stealing information silently, ransomware is in your face. It stops businesses in their tracks. It gets the attention of the finance directors. It provides powerful ammunition to security teams arguing for more resources. And, of course, it makes headlines.
SE Labs launches first public Network Detection and Response test
SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.
Full attack chain test in the datacentre
By running the most realistic set of attacks possible we put NDR products to a significant challenge. Can they detect real attacks in real-time, often using unique scripts and malware? If you want to know more about advanced persistent threats on the network please read past the initial graphs in this report and dig into the detail.
Technology gives us tools to achieve sometimes amazing things. But no matter how advanced, it usually requires humans to make an effort.
We’ve all heard the terms, “fire and forget” or “plug and play” but these are usually marketing dreams. In security, as with any other area, you can buy tools, but you need to understand how to use them if you are going to succeed.
The world of cyber security sales is unclear at best
The secret world of cyber security sales is fascinating. And shady. If you ever wondered how they sell security, and how we buy it, we have a treat for you.
Our security reports help you choose the best anti-malware solutions for your organisation and your family. These latest lab results look at how the most popular products handle the threats everyone faces on a daily basis, as well as the sort of targeted attack you hope never to encounter (but might).
If an EDR solution can spot an attack, why doesn’t it stop it too?
SE Labs tested Crowdstrike Falcon in this Breach Response test, pitting it against a range of hacking attacks designed to compromise systems.
This month shattered any doubt that intrusion detection technology is necessary. Large companies and other organisations that rely on compromised technology from IT management firm SolarWinds are racing to discover possible breaches.
All posts
