Get insight into how the top EDR vendors performed against real-world techniques in the MITRE ATT&CK® APT-3 and APT-29 evaluations
For two years in a row, Cortex XDR™ has delivered unsurpassed detection capabilities in the independent MITRE ATT&CK evaluations. The MITRE security evaluation provides an objective third-party view into how leading vendors measure up against advanced attacks.
These tests prove that Cortex XDR delivers:
- The best overall visibility into attack techniques
- Accurate, highly correlated detections that speed investigations and enable superior incident visualization
- Speed and flexibility with a high number of real-time alerts as well as leading managed threat hunting support
Watch the Webinar
KEY TAKEAWAYS
The best coverage. Cortex XDR accurately detected 88.9% of attack techniques, far outpacing all other vendors tested. Building on its leading coverage, Cortex XDR further achieved the lowest miss rate, providing the best attack visibility, with the nearest vendor missing almost twice as many techniques.
Superior speed. Cortex XDR had zero delayed detections, meaning all results were automated and came in real time. Other vendors’ approaches rely on human security analysts, producing delayed results and wasting valuable time that could be spent stopping attackers from infecting systems.
High fidelity. Security teams are overwhelmed with alerts that don’t represent actual threats. Cortex XDR has the highest-scoring combination of high-fidelity alerts and enriched telemetry data to provide your security analysts with deeper context and far fewer false positives.
COVERAGE ACROSS THE ATTACK LIFECYCLE
Attackers take a series of steps to accomplish their goals, from gaining initial access to exfiltrating data. Cortex XDR generated detections in every single attack phase across all of MITRE’s attack testing scenarios.
An EDR tool should be able to detect every step of an attack. The MITRE ATT&ck Evaluation found that Cortex XDR provided unrivaled coverage in two attack emulations, with detections across every stage of the attack lifecycle.
