Secureworks Announces MITRE ATT&CK Evaluation Results, Momentum in Software Innovation
Find out how our cloud-native platform, Taegis XDR, performed during the MITRE ATT&CK Endpoint Protection Product Evaluation.
Creating a Common Language
The MITRE ATT&CK framework is a globally accessible knowledge base of cyber adversary tactics and techniques based on real-world observations. MITRE launched its ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to help the cybersecurity industry speak a common language.
The MITRE ATT&CK product evaluations focus on giving end users insight into how to operationalize those products against known adversary attacks. They provide independent, transparent evidence of what security products can and cannot detect, and they motivate vendors to improve their coverage of adversary behaviors.
Many practitioners within the cybersecurity industry advocate for a common language to describe cyber threats. The language used to describe these threats significantly shapes the way we think and determines how we approach a holistic defense. In recent years, the MITRE ATT&CK framework has increasingly become that common language and is pushing the security vendor community, Secureworks included, to improve detection of known adversary behaviors. Security teams can use the MITRE ATT&CK model to identify key visibility points within their environment (which data sources they actually collect) and to assess overall detection coverage and strategy against it.
View our on-demand webcast to better understand the MITRE ATT&CK Framework and evaluations, including our perspective and results as a recent participant.
As a participant in the MITRE ATT&CK APT29 evaluation, Secureworks has learned not only how to speak this language but also how to use it to give customers a more relatable experience. Taegis™ XDR maps alerts to MITRE ATT&CK tactics and techniques after applying machine learning and deep learning to one of the industry's richest threat data sets. This includes telemetry from 1,400+ incident response engagements each year and threat intelligence sourced from more than 4,000 customers. The XDR dashboard (see screenshots) has alert visualizations built to improve the experience of our security analyst users. While the MITRE ATT&CK evaluations focus mainly on endpoint products, XDR integrates data from a wide variety of sensors and visibility providers, including endpoint agents, network sensors, firewalls, proxies, public cloud provider APIs, and more.
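The two ideas above, using ATT&CK to identify visibility points and to measure detection coverage, and mapping alerts or rules from several sensor types onto the matrix, are easy to make concrete. The script below is an added example written for this page; it is not Secureworks or Taegis XDR code. It uses a small constructed subset of Enterprise ATT&CK technique IDs (verify them against the current ATT&CK release) and a constructed set of detection rules, each tied to the telemetry source it needs. The point it makes is that a rule you have written for a source you do not collect gives no coverage at all: the coverage map changes as soon as proxy and network telemetry join the endpoint agent.

```python
"""Toy ATT&CK coverage map: which tactics and techniques do my detections and
my deployed telemetry actually cover?  Added example, not vendor code."""
from collections import defaultdict

# Constructed subset of Enterprise ATT&CK techniques -> (name, tactics).
# Check IDs and tactic mappings against the current ATT&CK release.
TECHNIQUES = {
    "T1566": ("Phishing", ("initial-access",)),
    "T1078": ("Valid Accounts", ("defense-evasion", "persistence",
                                 "privilege-escalation", "initial-access")),
    "T1059": ("Command and Scripting Interpreter", ("execution",)),
    "T1053": ("Scheduled Task/Job", ("execution", "persistence",
                                     "privilege-escalation")),
    "T1003": ("OS Credential Dumping", ("credential-access",)),
    "T1055": ("Process Injection", ("defense-evasion", "privilege-escalation")),
    "T1021": ("Remote Services", ("lateral-movement",)),
    "T1071": ("Application Layer Protocol", ("command-and-control",)),
    "T1105": ("Ingress Tool Transfer", ("command-and-control",)),
}

# Constructed detection rules (hypothetical names). Each one can only fire if
# the telemetry source it depends on is actually being collected.
RULES = [
    {"name": "powershell-encoded-cmd", "technique": "T1059", "source": "endpoint"},
    {"name": "lsass-handle-access", "technique": "T1003", "source": "endpoint"},
    {"name": "schtasks-create-from-office", "technique": "T1053", "source": "endpoint"},
    {"name": "beacon-like-http-periodicity", "technique": "T1071", "source": "proxy"},
    {"name": "exe-download-rare-domain", "technique": "T1105", "source": "proxy"},
    {"name": "smb-admin-share-lateral", "technique": "T1021", "source": "network"},
]


def coverage_by_tactic(rules, available_sources, techniques=TECHNIQUES):
    """Return {tactic: {"covered": set, "uncovered": set}} of technique IDs.

    A rule whose source is not deployed is treated as absent: no visibility,
    no detection. Techniques that sit under several tactics are counted in
    each of them, which is how ATT&CK itself presents them."""
    active = {r["technique"] for r in rules if r["source"] in available_sources}
    result = defaultdict(lambda: {"covered": set(), "uncovered": set()})
    for tid, (_, tactics) in techniques.items():
        for tactic in tactics:
            bucket = "covered" if tid in active else "uncovered"
            result[tactic][bucket].add(tid)
    return dict(result)


def dormant_rules(rules, available_sources):
    """Rules that exist on paper but can never fire with the deployed sources."""
    return sorted(r["name"] for r in rules if r["source"] not in available_sources)


def coverage_ratio(cov):
    """Fraction of (technique, tactic) cells in the subset that are covered."""
    covered = sum(len(v["covered"]) for v in cov.values())
    total = covered + sum(len(v["uncovered"]) for v in cov.values())
    return covered / total if total else 0.0


def report(cov):
    for tactic in sorted(cov):
        c, u = cov[tactic]["covered"], cov[tactic]["uncovered"]
        print(f"{tactic:22s} covered={sorted(c)} gaps={sorted(u)}")


if __name__ == "__main__":
    # Compare an endpoint-only deployment with endpoint + proxy + network.
    for sources in ({"endpoint"}, {"endpoint", "proxy", "network"}):
        cov = coverage_by_tactic(RULES, sources)
        print(f"\nsources={sorted(sources)} coverage={coverage_ratio(cov):.0%} "
              f"dormant={dormant_rules(RULES, sources)}")
        report(cov)
```

With only the endpoint agent, the three proxy and network rules are dormant and the command-and-control and lateral-movement columns are empty; adding those sources lifts the covered cells from 5 of 15 to 8 of 15 without writing a single new rule. The gaps that remain (initial access, Valid Accounts, Process Injection) are the ones a team would take into a detection roadmap or an evaluation like MITRE's.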