Thorough, independent tests are vital as cybersecurity leaders and their teams review vendors’ abilities to guard in opposition to an increasing number of sophisticated threats to their organizations. And per chance no review is extra widely trusted than the annual MITRE Engenuity ATT&CK Studies: Endeavor.

This evaluate is serious for making an strive out distributors on memoir of it’s almost unimaginable to reflect cybersecurity distributors per their very have faith efficiency claims.

Along with vendor reference checks and proof of price opinions (POV) — a reside trial — of their ambiance, the MITRE Engenuity results add goal input to assess cybersecurity distributors holistically.

In this half, we’ll unpack MITRE Engenuity’s most original methodology to check safety distributors in opposition to precise-world threats, provide our interpretation of the outcomes, and title the discontinuance takeaways emerging from the evaluate of Cynet’s all-in-one safety solution.

It is seemingly you’ll presumably well presumably salvage Cynet’s MITRE engenuity ATT&CK good book Here.

How Does MITRE Engenuity Take a look at Vendors All the procedure in which via the Evaluate?

The MITRE Engenuity ATT&CK Evaluate is performed by MITRE Engenuity and tests the endpoint protection ideas in opposition to a simulated attack sequence per precise-existence approaches taken by effectively-identified evolved continual threat (APT) groups.

The MITRE Engenuity ATT&CK Studies: Endeavor tested 29 vendor ideas by emulating the attack sequences of Turla, a posh Russia-based entirely threat neighborhood identified to have contaminated victims in over forty five nations.

A truly noteworthy caveat is that MITRE doesn’t irascible or find vendor results. As every other, the raw test recordsdata is printed in conjunction with some classic online comparison tools. Buyers then use that recordsdata to reflect the distributors per their organization’s unparalleled priorities and desires. The taking part vendors’ interpretations of the outcomes are fair that — their interpretations.

Incident Response – On-Demaind Free Webinar 2024

Leveraging MITRE’s 2023 ATT&CK Evaluate to Supercharge Your Safety Strategy

The MITRE Engenuity ATT&CK Evaluate represents one in all the industry’s most trusted and in-depth assessments of how competing safety ideas contain in precise-world attack scenarios. .

Glance for Free

So, How discontinue You Give an explanation for The Outcomes?

That’s a sizable ask — one that alternative of us are asking themselves correct now. The MITRE Engenuity ATT&CK Studies: Endeavor results aren’t presented in a structure that many other folks are former to digesting (taking a ogle at you, magical graph with quadrants).

And independent researchers in most cases stammer “winners” to lighten the cognitive load of figuring out which distributors are the discontinuance performers. In this case, figuring out the “best” vendor is subjective. Which, if you happen to don’t know what to ogle for, can genuinely feel adore a bother if you’re already annoyed with attempting to assess which safety vendor is the final be aware fit for your organization.

With these disclaimers issued, let’s evaluate the outcomes to review and distinction how taking part distributors performed in opposition to Turla.

MITRE Engenuity ATT&CK Outcomes Summary

The following tables original Cynet’s analysis and calculation of all vendor MITRE Engenuity ATT&CK Studies: Endeavor test results for the finest measurements: Total Visibility, Detection Accuracy, and Total Efficiency. 

There are alternative other methods to ogle at the MITRE results, but now we take into accout these to be most indicative of a solution’s ability to detect threats.

Total Visibility is the overall alternative of attack steps detected across all 143 sub-steps. Cynet defines Detection Quality as the proportion of attack sub-steps that integrated “Analytic Detections – of us that title the method (why an activity will most definitely be happening) or methodology (both why and the procedure in which the methodology is occurring).

Moreover, it’s vital to ogle at how every solution performed sooner than the seller adjusted configuration settings because of missing a threat. 

MITRE permits distributors to reconfigure their systems to strive and detect threats that they missed or to lend a hand the data they offer for detection. Within the precise world we don’t have the luxurious of reconfiguring our systems because of missed or uncomfortable detection, so the extra real looking measure is detections sooner than configuration adjustments are implemented.

How’d Cynet discontinue?

According to Cynet’s analysis, our crew is gay with our efficiency in opposition to Turla in the 2023 MITRE Engenuity ATT&CK Studies: Endeavor, outperforming the majority of distributors in numerous key areas. Here are our high takeaways:

• Cynet delivered 100% Detection (19 of 19 attack steps) with NO CONFIGURATION CHANGES
• Cynet delivered 100% Visibility (143 of 143 attack sub-steps) with NO CONFIGURATION CHANGES
• Cynet delivered 100% Analytic Protection (143 of 143 detections) with NO CONFIGURATION CHANGES
• Cynet delivered 100% Trusty-time Detections (0 Delays across all 143 detections)

Let’s dive fair a little deeper into Cynet’s analysis of one of the outcomes.

Cynet’s all-in-one safety solution modified into once a high performer when evaluating both visibility and detection quality. This analysis illustrates how effectively an answer detects threats and provides the context needed to carry out the detections actionable. Missed detections are an invite for a breach. In distinction, uncomfortable quality detections make unnecessary work for safety analysts or doubtlessly insist off the alert to be overlooked, which, all every other time, is an invite for a breach.

Cynet delivered 100% visibility and perfectly detected every person in all the 143 attack steps utilizing no configuration adjustments.  The following chart shows the proportion of detections across all 143 attack sub-steps sooner than the distributors implemented configuration adjustments. Cynet performed as effectively as two very large, effectively-identified, safety firms no matter being a portion of their dimension and phenomenal better than one of the finest names in cybersecurity. 

Cynet equipped analytic protection for 100% of the 143 attack steps utilizing no configuration adjustments. The following chart shows the proportion of detections that contained vital classic, tactic or methodology recordsdata across the 143 attack sub-steps, all every other time sooner than configuration adjustments had been implemented. Cynet performed as effectively as Palo Alto Networks, a $115 billion publicly traded company with 50 times the alternative of workers, and phenomenal better than many established, publicly traded brands.

Peaceable have questions?

In this on-quiz webinar, Cynet CTO Aviad Hasnis and ISMG SVP Editorial Tom Field evaluate essentially the most original MITRE ATT&CK results and half educated advice for cybersecurity leaders to get the seller that easiest fits the explicit needs of their organization. In addition they unpack Cynet’s efficiency for the interval of the tests and title opportunities ot attain your team’s objectives with the all-in-one safety solution.