Agger Wins SE Labs Award for Enterprise Security Development

Oh yes.

Agger has won the SE Labs Awards 2026 in the Enterprise Security Development category.

Awards are always nice. Everyone says they are humbled, delighted, honoured, and all the usual stuff. We are genuinely pleased, of course, but this one hits a bit differently.

This award recognises the bit of security work that is not always easy to show in a shiny screenshot: the engineering discipline needed to build protection that still behaves properly when everything else is getting messy.

And with ransomware, messy is the whole game.

Ransomware defence is not abstract. It is measured in seconds, in operational disruption, in recovery costs, and in whether an organisation can contain the damage before encryption becomes the only thing anyone is talking about.

That is exactly the problem Agger was built for.

Built for a very specific failure mode

We have always been clear about where Agger fits.

We are not here to pretend the rest of the security stack does not matter. EDR, backups, identity controls, email security, vulnerability management, logging, incident response, the lot. It all matters.

Agger is for that horrible moment when ransomware starts behaving destructively on an endpoint and the window to act is tiny.

That needs a different kind of engineering focus. Local decision-making. Fast response. Behavioural certainty. No unnecessary dependencies when the pressure is on. No calls to the cloud for a robot to make a decision. Simply, we don't want to be waiting around for five different things to line up before taking action.

The goal is simple to say and properly hard to get right: stop destructive encryption before recovery becomes the only option left.

That us, bosh.

Security development is not just writing code

The SE Labs Enterprise Security Development category matters to us because it speaks to how products are built, not just how they are sold.

Good security engineering is not about piling on features until the dashboard looks busy. It is about building focused controls that solve a real operational problem.

It means testing against realistic ransomware behaviours, not cosy demos where everything behaves nicely. It means fitting into existing enterprise environments without adding unnecessary grief. It means keeping local protection useful even when cloud access is degraded. It means making decisions quickly without generating a load of noise for already busy teams.

Reliability, performance, and safety are not nice-to-haves. They are security requirements.

Security products earn trust through evidence. That means testing, customer experience, engineering maturity, and being willing to have the product measured properly. This is why we gave SE labs our code and said 'do the worst you can, here's real samples too'

Security products are now part of the target

There is another reason this award feels timely.

Security software is no longer sitting safely off to the side of the threat model. It is part of the target.

Adversaries know that weakening, bypassing, disabling, or abusing the tools designed to stop them is often the fastest way to make room for ransomware. Endpoint controls, VPNs, identity systems, management platforms, cloud integrations, update mechanisms, telemetry pipelines. All of these sit close to trust, privilege, visibility, or response.

So of course attackers are interested in them.

That raises the bar for every security vendor. It is no longer enough to detect bad behaviour in someone else’s software. Security products have to be engineered as high-value software systems in their own right.

The numbers are not exactly comforting either.

Google Cloud’s M-Trends 2025 report found that vulnerability exploitation was the most common initial infection vector in 2024, accounting for 33% of intrusions investigated by Mandiant.

CISA’s Known Exploited Vulnerabilities Catalogue continues to show how quickly attackers move towards weaknesses that give them useful access.

Then there is the frontier AI angle, which is not some distant, hand-wavy future problem anymore.

The UK AI Security Institute’s Frontier AI Trends Report found that AI models can now complete apprentice-level cyber tasks around 50% of the time on average, compared with just over 10% in early 2024. It also reported that the length of cyber tasks models can complete unassisted is doubling roughly every eight months.

The UK’s National Cyber Security Centre has also warned organisations to prepare for a coming vulnerability patch wave, as AI accelerates vulnerability discovery and pushes everyone to raise their security baseline.

For a security vendor, none of this is theoretical pub chat. It affects how you build.

At Agger, we treat product security, software quality, and ransomware protection as the same discipline. The agent making decisions during a ransomware event has to be quick, but it also has to be robust under stress. The update path has to be protected. The telemetry has to be useful without becoming a liability. The product has to sit alongside existing enterprise controls without adding unnecessary complexity.

That is what secure development means to us.

Not just features. Not just detection logic. Not just a dashboard with some dramatic graphs on it.

It means building security software that is itself worthy of trust.

Recognition from SE Labs

The SE Labs Awards recognise cyber security vendors delivering strong performance across enterprise, small business, and consumer markets. Winners are selected using a combination of continuous public testing, private assessments, and feedback from SE Labs’ corporate clients.

Simon Edwards, Founder and CEO of SE Labs, said:

“The SE Labs Awards recognises the vendors that are making a real difference in keeping systems secure. Winning an award is a significant achievement. It reflects not only strong product performance in our tests but also the commitment of the teams behind the technology. Congratulations to Agger on its success.”

We are grateful for the recognition. Properly grateful.

But we also know recognition like this comes with responsibility.

Ransomware keeps evolving. Attackers are improving their tradecraft, automating more of the intrusion lifecycle, abusing legitimate tools, and looking for the shortest path between access and impact.

Defensive products cannot run on yesterday’s assumptions.

That is why we keep investing in engineering that is precise, tested, and built around what actually happens during attacks, not what looks neat in a lab environment.

What this means for our customers

For our customers, this award does not change what Agger does, actually we'd say it reinforces why we do it.

Agger is a focused ransomware control that runs alongside existing tools, interrupts destructive activity early, and gives organisations a better chance of containing an incident before it turns into a full recovery exercise.

That has always been the work.

No silver bullets. No big magic wand. No nonsense about solving ransomware forever.

Just careful security engineering, tested protection, and a clear focus on stopping destructive encryption before it is too late.

Thank you to SE Labs for the recognition, to our customers for their trust, and to the Agger team for the graft that made this possible.

As adversaries become more capable, and as frontier AI changes the pace of vulnerability discovery and exploitation, the burden on security vendors gets heavier. We have to build software that protects customers without becoming another weak point in their environment.

That is the standard we will keep working towards.