It’s complicated. MITRE Engenuity ATT&CK® Evaluations are difficult to understand, and the latest release is no different. The MITRE 2023 evaluation analyzed multiple vendors’ defenses against the behavior of the Turla adversary in two well-thought-out and well-executed attacks against a mythical company. What these results reveal, by design, is not winners and losers. What they reveal should be determined by your specific security role.
Your perspective is critical in evaluating product performance. For example, if you’re an admin who is actively trying to deal with an attack, you may not be concerned with which API the threat used to launch a file. However, if you’re the forensic analyst and you want to identify a specific threat actor, the technique used to launch a file, particularly if it is novel, might be immensely important.
It’s complicated. But not impossible. And we can help you determine what’s important to you and how to practically assess how well a product answers your needs. Please join us for What the MITRE 2023 Test Means for You, a webinar hosted by SANS Analyst Matt Bromiley, 1 pm EDT, 10 am PDT, on Sept. 28, 2023.