Round 1 Testing
In round 1 the following AEP/EDR products were tested:
The following vendors/products will follow:
- Cybereason
- F-Secure Countercept
- FireEye Endpoint Security
- McAfee MVision
- Palo Alto WildFire Traps XDR
Example
As an example, you can look at the Microsoft Windows Defender ATP results. You can see all the techniques that were tested and how the product worked. You can even see screenshots of it:
Screenshot of Microsoft Defender ATP from the MITRE ATT&CK Evaluation Round 1 Testing, 1.A.1 User Execution T1204:
Summary
This is amazing work done by MITRE! 👍 It provides transparency into the Advanced Endpoint Protection (AEP) / Endpoint Detection and Response (EDR) products, lets you compare them, and lets you check which techniques they protect against and how they work in terms of forensics. Round 2 is already running. 👌
Thank you for your article. It will definitely help me a lot...
End Point Protector
By using MITRE ATT&CK, security teams can map adversary techniques to their endpoint protection software, uncover gaps, and make improvements. This form of proactive testing allows businesses to strengthen their defenses and ensure they are prepared for evolving cyber threats.
As security solutions evolve, tools like endpoint protection software play a key role in defense, much like how high-quality Elux Vape Liquid offers premium satisfaction for its users. Both work to ensure the best experience, whether in cybersecurity or leisure.