April 21, 2021 | 2 minute read
The long-awaited 2020 MITRE ATT&CK evaluations are out! With the MITRE ATT&CK framework now being the standard by which Defenders can measure the effectiveness of various solutions in tracking adversary behavior, cyber vendors are cherry-picking results from this latest testing round and spinning up clever interpretations of the data in their favor. At Cybereason, we are proud to let the test results speak for themselves.
Cybereason received top scores across every aspect of the evaluations. The Cybereason Defense Platform dominated due to its ability to prevent and detect the advanced tools, tactics and procedures used in the MITRE evaluations emulating real-world scenarios. Cybereason delivered 100% coverage for prevention of Windows and Linux-based threats, and unparalleled visibility and detections across the 54 advanced attack techniques applied in testing. The MITRE Evaluation validates Cybereason’s future-ready prevention, detection and response capabilities (more details here).
Cybereason delivers actionable detection of adversary activity across the entire ATT&CK framework for customers, and backs up that promise with a $1 Million Dollar Breach Warranty. As threats cross the threshold from suspicious to malicious, the Cybereason Defense Platform quickly identifies the subtle chains of behavior and reliably prevents more malicious activity than the competition. Please check the results of the latest round of MITRE testing to see for yourself - here’s a few nuggets to get you started:
Cybereason Delivers 100% Protection
Prevention requires rapid analysis of executions and automated remediation to protect systems. Of the few vendors who consented to taking part in this rigorous portion of the MITRE ATT&CK evaluations, Cybereason reliably prevented more threats than the competition, as showcased with a 100% protection score in the evaluation. Strong prevention equates to fewer events that must be triaged by security analysts for detection and response.
Broad visibility and behavioral analysis of threats is a crucial component to a successful security strategy. MITRE ATT&CK evaluations now include the analysis of vendors’ ability to prevent malicious executions in real-time, including preventing any negative impact to users and endpoints.
Cybereason Prevents 100% of Linux-Based Threats
New to the 2020 ATT&CK evaluation is the analysis of detection and prevention of Linux-based threats. Modern environments are often complex and leverage many different platforms across many different locations. Windows-dominant detection alone is inadequate: a platform solution must protect Linux, Mac, mobile and other nonstandard configurations to provide complete visibility across the enterprise.
Cybereason excelled in the detection of Linux-based threats by detecting 100% of the 12 techniques tested. This equates to prevention of more malicious threats prior to execution across non-Windows endpoints.
Cybereason Delivers Better Visibility Based on More Data Sources
Data sources indicate the variety of artifacts and activities from different sources that are analyzed to produce a detection. Cybereason analyzes a greater range of data sources than the competition, which means conviction of malicious activity can happen faster with greater reliability. With our petabyte-scale data collection and in-memory graph analytics, we see more attacker activity earlier and deliver more context to defenders in every Malop™ (malicious operation detection).
More data sources surfaced in detections equates to more visibility and a better understanding of the breadth and the depth of attacker activity. This enables better prevention capabilities and more confident convictions by moving from “suspicious” to “malicious” earlier in the attack sequence than other vendors.
To learn more about this year’s evaluation and how security teams are operationalizing ATT&CK, join us for a webinar, R3 MITRE ATT&CK ENGENUITY EVALUATIONS EXPLAINED, where Cybereason CISO Israel Barak and Product Director Eric Sun will share more details on our evaluation results along with MITRE ATT&CK application best practices.
Cybereason delivers future ready attack protection that incorporates the MITRE ATT&CK framework directly into the product to deliver a defense platform capable of defeating the most advanced adversaries. Cybereason is dedicated to teaming with defenders to end cyber attacks from endpoints to the enterprise to everywhere. Talk to a Cybereason defender today or schedule a demo to learn how your organization can benefit from an operation-centric approach to security.
JJ Cranford is a Senior Product Marketing Manager at Cybereason, He was previously with OpenText after the acquisition of Guidance Software where he was responsible for the go-to-market strategy for endpoint security products. JJ provides insight into market trends, industry challenges, and solutions in the areas of incident response, endpoint security, risk management, and compliance.All Posts by JJ Cranford