In 2018, MITRE introduced the ATT&CK® evaluation as an EDR product assessment leveraging the ATT&CK® framework for APT3. MITRE’s framework is useful in helping organizations make informed decisions when purchasing cyber security solutions that use EDR technology.
Our participation in MITRE’s first round of evaluation last October confirmed F-Secure’s industry-leading capabilities in detecting advanced attacks. We recently completed the second round of evaluation and have demonstrated strong capabilities in:
- Delivering actionable information fast with a minimal number of false positives.
- Delivering great total coverage and visibility into indicators of attack.
- Incorporating managed services (MDR) to increase the likelihood of detecting attacks sooner.
The main focus in this round of evaluation is on detection capabilities against APT29 (aka The Dukes). APT29 is a threat actor that successfully conducted espionage for seven years before it was discovered by F-Secure in 2015. Our research on ‘The Dukes’ became the first contribution to MITRE’s knowledge base for APT29. Read our analysis to learn more.