
Threat Hunting Case Study: FileFix
FileFix bypasses Mark of the Web (MotW) protections by hijacking the Windows File Explorer address bar. Here is how to hunt for it.

If you’re the buyer of security products for a large company, how do you ensure that a product works as promised? Security software testing puts products such as firewalls, endpoint protection and intrusion detection systems through their paces. But security software testing has been a contentious area, with vendors sparring over results and occasional accusations of cheating. In this edition of Studio 471, Simon Edwards of SE Labs walks through how his company conducts ethical, realistic tests based on the cyber kill chain and MITRE ATT&CK, an index of attacker tactics, techniques and procedures.
Participants:
Simon Edwards, Founder and CEO, SE Labs
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471


Gentlemen ransomware uses credential abuse, defense evasion, and double extortion tactics to compromise enterprise environments and increase pressure on victims.

TeamPCP is exploiting trusted npm and PyPI packages to compromise developer environments, steal credentials, and extend attacks across software supply chains.