Cybereason Joins with MITRE Engenuity’s Center for Threat-Informed Defense

June 2, 2021

Cybereason is excited to announce that it is now a research sponsor of the Center for Threat-Informed Defense, allowing collaboration on applied research and development to improve cyber defenses at scale for the global security community.

The research collaboration will build on the MITRE ATT&CK® framework as the foundation for a threat-informed defense approach in countering the latest techniques being leveraged by today’s most advanced threat actors. The Center also works to provide defenders with a deep understanding of adversary tradecraft and advances in the development of countermeasures for prevention, detection and mitigation of modern threats.

“The MITRE ATT&CK framework has been rapidly adopted by organizations because it is a taxonomy and analytical framework that dramatically advanced the way we communicate, detect and respond to adversarial activity,” said Cybereason co-founder and CTO Yonatan Striem Amit. 

“We are committed to working with the Center for Threat-Informed Defense to develop better defense strategies that work to reverse the adversary advantage and return the high ground to the defender.”

This ongoing collaboration will result in a reduction in the time it takes to identify, understand and respond to malicious actions before material damage occurs. The Center is a non-profit, privately funded research and development organization operated by MITRE Engenuity with a mission to advance the state of the art and the state of the practice in threat-informed defense globally. 

Comprised of participant organizations from around the globe with highly sophisticated security teams, the Center builds on MITRE ATT&CK, an important foundation for threat-informed defense used by security teams and vendors in their enterprise security operations. Because the Center operates for the public good, outputs of its research and development are available publicly and for the benefit of all.

“The Center for Threat-Informed Defense brings together the best security teams from around the world to identify and solve the most-pressing problems facing cyber defenders,” said Richard Struse, director, Center for Threat-Informed Defense. 

“We’re excited Cybereason has joined our efforts to change the game on adversaries by helping improve our collective ability to prevent, detect, and respond to cyber attacks.”

Cybereason and the Recent MITRE ATT&CK Evaluations

The results of the latest ATT&CK Evaluation, conducted by MITRE Engenuity, were released in April 2021. The Cybereason Defense Platform was evaluated on its ability to prevent and detect advanced attacks, achieving 100% coverage for prevention of Windows and Linux-based threats, and 98% technique visibility across the 54 advanced attack techniques applied in testing. The MITRE Evaluation validates Cybereason’s future-ready attack protection, and superior prevention, detection and response capabilities.

This year’s evaluation emulated the threat groups Carbanak and FIN7, which are known to attack the banking, retail, and hospitality sectors. Because these adversaries attack financial organizations, it’s not surprising that the evaluation tested stealthy techniques including scripting, obfuscation, “living off the land” and, new this year, attacks against Linux systems.

In today’s threat landscape, it’s more important than ever that security investments prove their effectiveness in reducing the risk of cyberattacks. For this reason, the MITRE ATT&CK Framework along with the MITRE Engenuity ATT&CK Evaluations have been an invaluable resource for Defenders to speak a common language around threats, as well as a consistent way to measure cybersecurity vendor capabilities in detecting and stopping malicious operations.

Cybereason is dedicated to teaming with defenders to end cyber attacks from endpoints to the enterprise to everywhere. Talk to a Cybereason defender today or schedule a demo to learn how your organization can benefit from an operation-centric approach to security.

About the Author

Cybereason Security Team

The Cybereason Security Team champions cyber defenders by providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop (malicious operation). The result: defenders can end cyber attacks from endpoints to everywhere.
