All reports

05/2023 - 05/2023

Enterprise Advanced Security (NGFW): Palo Alto Networks VM-Series Virtual Next-Generation Firewall – DETECTION

Detecting the Full Chain of Network Threats

Network security products detect threats at different security layers

Next-generation firewall vs. advanced persistent attacks

Our reports help you choose the best enterprise security products that can protect you from ransomware and other types of attacks.

Understanding the capabilities of different security products is always better achieved before you need to use them in a live scenario. SE Labs’ Enterprise Advanced Security test reports help you assess which are the best for your own organisation.

There are many opportunities to spot and stop attackers. Products can detect them when attackers send phishing emails to targets. Or later, when other emails contain links to malicious code. Some kick into action when malware enters the system. Others sit up and notice when the attackers exhibit bad behaviour on the network.

Palo Alto Networks VM-Series Virtual Next-Generation Firewall test results

In this report we look at how Palo Alto Networks VM-Series Virtual Next-Generation Firewalls handled full breach attempts. At which stages did it detect? And did it allow business as usual, or mis-handle legitimate applications?

The targeted attacks used in this test replicate those used by the following attack groups in the real world:

  • Wizard Spider
  • Sandworm
  • Dragonfly & Dragonfly 2.0

Read this SE Labs assessment and discover how Palo Alto Networks VM-Series Virtual Next-Generation Firewalls handle advanced targeted attacks. Find the value in deep detection systems. We also describe in detail how each of the attack groups has worked in the past and how we’ve copied their tools and techniques to create a realistic test that reflects real-world security situations.

02/2023 - 02/2023

Enterprise Advanced Security (Ransomware): Intel

Ransomware Detection Using Hardware

Computer processors get the final word when running programs. Can they judge bad code from good?

SE Labs tested Intel’s hardware approach to ransomware detection, using a wide range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.

Target systems included Windows PCs on both Intel vPro-based hardware and alternative AMD platforms. All were attacked in the same way by testers acting as we observe ransomware groups to behave.

Attacks used original ransomware malware, as seen in the wild during recent months, as well as more advanced variations designed to evade detection. In all cases the ransomware’s goal was to steal, encrypt and destroy sensitive data on the target systems.

Product factsheet:

Attackers can disguise malware. In the same way you might try to slip past a security guard in thick glasses and a wig, hackers can take their regular code and make it look different. There are many ways to do this, but before it can achieve its ultimate goal, malware has to run, or execute. And at that stage it drops its disguise, at least as far as the hardware it runs on is concerned. As the code runs, its intentions become clear.

And this presents an opportunity for defenders – detect malware at the very last moment, just as it reveals itself while executing. The concept of ‘security on a chip’ has been around for a long time but now Intel claims that it has introduced anti-malware to its vPro hardware platform. By monitoring code as it executes, it hopes to detect malware and inform compatible security software when it does. It claims to do this by using pattern matching, via machine learning, to spot suspicious behaviour. The goal is to have a combination of security software and hardware working together to prevent infections.

10/2022 - 10/2022

Enterprise Advanced Security (Ransomware): CrowdStrike

Deep and direct ransomware testing

SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.

Target systems, protected by CrowdStrike Falcon, were attacked by testers acting in the same way as we observe ransomware groups to behave.

Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.

Product factsheet:

CrowdStrike Falcon

Enterprise Advanced Security (Ransomware): CrowdStrike Falcon

Ransomware is the most visible, most easily understood cyber threat affecting businesses today. Paralysed computer systems mean stalled business and loss of earnings. On top of that, a ransom demand provides a clear, countable value to a threat. A demand for “one million dollars!” is easier to quantify than the possible leak of intellectual property to a competitor.

Given the global interest and terror around ransomware, we have created a comprehensive test that shows how effective security products are when faced with the whole range of threats posed by ransomware itself and the criminal groups operating in the shadows.

In this report we have taken two main approaches to assessing how well products can detect and protect against ransomware.

Enterprise Advanced Security (Ransomware) Tested

This detailed report looks at ransomware detection during a full network attack; and protection against known ransomware attacks and their unknown variants. We include details about the different types of ransomware attacks, including the tactics used by different criminal groups.
