MITRE previously evaluated products from Carbon Black, CrowdStrike, GoSecure, Endgame, Microsoft, RSA, SentinelOne, Cybereason, F-Secure, FireEye, McAfee, and Palo Alto against the threat posed by APT3, a Chinese group that analysts believe is currently focused on monitoring Hong Kong-based political targets, and began releasing those results in late 2018. ATT&CK is freely available, and is widely used by defenders in industry and government to find gaps in visibility, defensive tools, and processes as they evaluate and select options to improve their network defense. MITRE developed and maintains the ATT&CK knowledge base, which is based on real world reporting of adversary tactics and techniques. “The ATT&CK Evaluations help the cybersecurity community by improving the security products that we rely upon and arming end users with objective insights into those product capabilities to detect known adversary behaviors,” said Jon Baker, MITRE department head for adversary emulation and orchestration. The evaluations, which were paid for by the vendors, include products from Bitdefender, Blackberry Cylance, Broadcom (Symantec), CrowdStrike, C圜raft, Cybereason, Elastic (Endgame), F-Secure, FireEye, GoSecure, HanSight, Kaspersky, Malwarebytes, McAfee, Microsoft, Palo Alto Networks, ReaQta, Secureworks, SentinelOne, Trend Micro, and VMware (Carbon Black). Using its ATT&CK ® knowledge base, MITRE emulated the tactics and techniques of APT29, a group that cybersecurity analysts believe operates on behalf of the Russian government and compromised the Democratic National Committee starting in 2015. McLean, VA, and Bedford, MA, April 21, 2020-MITRE released the results of an independent set of evaluations of cybersecurity products from 21 vendors to help government and industry make better decisions to combat security threats and improve industry’s threat detection capabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |