Cybereason achieves 100% real-time prevention, visibility and protection
Brandon Rochat, Africa Sales Director, Cybereason.
Cybereason, the XDR company, announced that the results of the fourth round of ATT&CK evaluations conducted by MITRE Engenuity confirm the superior prevention and detection capabilities of the AI-driven Cybereason XDR platform.
Cybereason scored perfect scores in nearly every aspect of the assessments, including 100% Prevention – 100% detection and prevention of nine different attack sequences assessed for Windows and Linux.
The company also achieved 100% visibility by exposing 100% of the 109 different attack behaviors evaluated for Windows and Linux. It also showed 100% real-time protection with zero delayed detection.
Additionally, Cybereason showed 99% analytical coverage with mapped detections on the major ATT&CK techniques evaluated. It also required minimal configuration – Cybereason offered out-of-the-box protection with minimal configuration changes required.
The fifth round of ATT&CK evaluations highlights the effectiveness of our NGAV and EDR capabilities in protecting against sophisticated attack techniques from malicious actors such as Sandworm and Wizard Spider.
Additionally, the Cybereason XDR platform offers AI-based prevention, detection, and predictive response that identify and block advanced threats in the early stages of an attack.
The results of four years of ATT&CK evaluations highlight how Cybereason solutions map directly to the ATT&CK framework to provide unparalleled detection of advanced threat actor tactics, techniques, and procedures (TTPs).
The superior out-of-the-box efficiency offered by the AI-powered Cybereason XDR platform means there is no need to change the solution configuration during deployment. Organizations can immediately benefit from exceptional real-time prevention and detection capabilities, automated and predictive one-click response options to stop the most advanced cyberattacks.
Cybereason’s Director of Sales for Africa, Brandon Rochat, outlines what the MITRE Engenuity ATT&CK assessment results mean for the company. “Organizations are increasingly adapting their threat detection strategies to the ATT&CK framework.
“This provides a common language for defenders to understand the range of techniques adversaries can use to gain initial access, elevate privileges, steal account credentials, move laterally within the targeted network, and ultimately exfiltrate sensitive data or disrupt critical business operations,” he explains.
MITRE Engenuity ATT&CK assessments reveal how vendors are addressing the same challenges by reducing the time it takes to identify, understand, and respond to malicious actions before material damage occurs.
Rochat believes the results highlight Cybereason’s effectiveness under real-world conditions, as the AI-driven Cybereason XDR platform identifies attacks earlier by correlating behavioral telemetry across the entire network, including the wide range of device types, user identities, application suites, cloud workloads, and more.
“Cybereason MalOp reduces mean time to detection and response (MTTD and MTTR) by immediately providing the full attack story from the root cause without the need for complex queries. Cybereason provides actionable detections and predictive response across all measured MITRE ATT&CK assessment categories without inundating analysts with a deluge of uncorrelated alerts,” he adds.
Cybereason CEO and co-founder Lior Div says these results validate the superior detection and protection capabilities Cybereason offers against the most complex attack sequences. “The ATT&CK framework is now the reference standard for evaluating the effectiveness of solutions.
“We are proud of both our outstanding performance over the four years of evaluation and our continued collaboration with MITRE CTID to further improve detection based on the most subtle behaviors of attackers. This is how we are beginning to defend ourselves as a community, stop relying so much on reactive approaches, and fight the adversary with behavior-driven predictive response,” he says.
Cybereason is also collaborating with the MITRE Center for Threat-Informed Defense (CTID) on the Attack Flow project, which seeks to develop a common data format for describing adversary behavior sequences to improve defensive capabilities.
The objective of the Attack Flow project is to generate a machine-readable representation of a sequence of actions and an attacker context, along with specific descriptive attributes of these actions and assets. It is composed of five main objects: the flow itself, a list of actions, a list of assets, a list of knowledge properties and a list of causal relationships between actions and assets.
Cybereason has joined the Center as a research participant to conduct research and development to support the evolution of the MITRE Engenuity ATT&CK framework. Cybereason and the Center strive to provide defenders with a deep understanding of adversary craft and advances in the development of countermeasures for the prevention, detection and response to complex threats.
“Defenders often have to follow the opponent’s techniques individually, which means they can only focus on one specific activity at a time, but opponents use complex sequences in their attacking flows to hide in the seams of the network and avoid detection until it’s too late,” said Sam Curry, Cybereason CSO.
“Being able to understand the context and correlations between these streaks by stringing together the otherwise disparate Indicators of Behavior (IOBs) allows defenders to surface complex attacks earlier in the attack streak and creates the opportunity to react more quickly when threats emerge,” Curry explains.
Cybereason is dedicated to teaming up with Defenders to end attacks across the enterprise, wherever the battle is fought. Contact us today to learn how your organization can benefit from an operations-centric approach with the AI-driven Cybereason XDR platform.