Cybereason Blog | Cybersecurity News and Analysis

Cybereason Posts Best Results in History of MITRE ATT&CK Evaluations

Written by Cybereason Team | Apr 1, 2022 1:30:20 PM

MITRE ATT&CK Enterprise Evaluations have radically accelerated the effectiveness of today’s cyber defenses the world over. These unbiased and transparent tests push vendors to develop and prove that their technology can stand up against today’s most determined and sophisticated adversaries. 

This year, Cybereason achieved the best results in the history of these evaluations:

Cybereason leads the industry in the MITRE ATT&CK Enterprise Evaluation 2022

100% Protection | 100% Detection | 100% Visibility | 100% Real-Time Detections | 99% Analytic Coverage 

The evaluation took the technology from 30 participating vendors and pitted it against real-world simulations of two notorious ransomware and data destruction gangs, Wizard Spider and Sandworm. The results speak for themselves.

Cybereason demonstrated comprehensive and exhaustive defense against these sophisticated ransomware operations. Improving our platform through the MITRE ATT&CK evaluations directly translates to helping our customers remain undefeated against ransomware and other critical threats.

100% Protection: Stop Threats Before They Become Distracting Alerts

Cybereason delivered the MOST prevention of all participating vendors.

Prevention testing determines a solution’s ability to stop threats from executing before a foothold can be gained or damage can be inflicted. Stopping attacks early drastically reduces the number of alerts that the security team has to triage downstream, improving the team’s ability to uncover sophisticated threats and reducing burnout.

Cybereason is the only vendor to leverage a unique combination of multi-layered defense and Predictive Ransomware Protection to achieve predictive response. These prevention capabilities help security professionals stay one step ahead of the attacker at every move and prevent attacks before they start.

CYBEREASON PREVENTS EMOTET IN MITRE ENTERPRISE EVALUATION 2022

100% Detection: Ensure No Threat Goes Uncovered

Cybereason flawlessly detected EVERY attack step in the 2022 Enterprise Evaluation.

Malicious operations can be broken down into numerous substeps of attacker behavior, many automated, others manual. During the MITRE Enterprise Evaluation, many of the common attacker behaviors used by Wizard Spider and Sandworm were categorized into 19 groupings of detections. 

Cybereason detected all 19 attack steps tested during the evaluation, demonstrating that Cybereason has the ability to see the full picture of the malicious operation.

CYBEREASON DETECTS MALICIOUS FILE EXECUTION IN MITRE ENTERPRISE EVALUATION 2022

100% Visibility: Reveal The Full Context Of An Attack 

Cybereason is the ONLY vendor to deliver 100% visibility across all operating systems.

Assessing the ability of solutions to provide visibility quantifies their effectiveness at providing the full context of an attack, uncovering where it originated, what was affected, the timeline of events, as well as the granular details of the attack chain.

Cybereason was the only vendor to deliver a perfect visibility score, primarily achieved through our MalOp Detection Engine. This unique, operation-centric approach gives security practitioners the ability to uncover and stop malicious operations rather than chase alerts.

100% Real-Time Detection: Eliminate The Need For Human Intervention 

Cybereason experienced ZERO delayed detections.

Solutions that are highly effective against today’s threats—especially sophisticated threats like ransomware—must be able to detect malicious activity immediately without waiting for additional processing time or human analyst intervention.

Cybereason delivers 100% real-time detection by leveraging all of your data. While other solutions filter valuable event data, Cybereason uses more than 30 sources of telemetry to correlate all relevant data in real time. Finally, using artificial intelligence and machine learning, Cybereason builds a comprehensive picture, detecting threats in real time as they are happening.

CYBEREASON DETECTS FILE DELETION IN REAL-TIME IN MITRE ENTERPRISE EVALUATION 2022

99% Analytic Coverage: The Most Complete, Actionable Mapping To The MITRE ATT&CK Framework

Cybereason delivered the MOST high-quality analytic detections across all competing solutions.

Vendors that perform well in the Analytic Coverage category effectively map their detections to the MITRE ATT&CK Framework. This means alerts generated come with important context on attacker intent and likely next steps.

Cybereason achieved 99% Analytic Coverage as a result of unique capabilities to correlate massive volumes of data at planetary scale to predict, understand, and end threats. That's why Cybereason partnered with Google Cloud on an XDR platform that protects your employees across the many ways they work today.

Dig Deeper: Live Webinar On April 7th

Join us for a live webinar on April 7th where we will boil down the complexity of the MITRE ATT&CK Enterprise Evaluations so your organization can better understand:

  • How to interpret the results across Protection and Detection for Windows and Linux
  • The difference between Technique, Tactic and Telemetry detections
  • Why organizations are mapping to the MITRE ATT&CK framework and what’s next
