Putting Our Defenses to the Test
With a field of 29 EDR vendors testing their wares, the latest round of the MITRE ATT&CK® evaluation didn’t disappoint, providing a bit of drama and hubris. It emulated the notorious Carbanak and FIN7 attacks, which focused on financial services and often used point-of-sale software to quite literally “make it rain” when ATMs were triggered to dispense cash.
Re-creating these types of attacks based on true events gives the practitioner community priceless insights for improving product performance and effectiveness.
For the third year in a row, Cortex® XDR™ emerged as one of the top-performing vendors, achieving the highest overall combined detection and protection rate in the evaluation.
At a high level, Cortex XDR achieved the following against the TTPs used by Carbanak and FIN7:
Blocked 100% of attacks in the protection evaluation on both Windows and Linux endpoints.
Achieved more than 97% visibility of attack techniques.
Delivered the best detection rates of any solution that also got a perfect protection score.
Of the attack techniques used, identified 86% with an analytics detection, defined by MITRE as detections that provide additional context beyond telemetry.
80% of these had an associated technique-level detection, the highest type of detection awarded in this evaluation.
Resources for All Things MITRE
Palo Alto Networks Garners Stellar Results, 3 Years Running
Deciding on an XDR or EDR solution and need proof of consistent excellence with stellar performance, year after year? Analysis from MITRE can help with objective third-party evaluations. See the detailed results of each test from the last three years, and decide who’s hot and who’s not for yourself!
The Ultimate Guide to the MITRE ATT&CK Round 2 EDR Evaluation
How to Pick a Winner in EDR
All About MITRE ATT&CK Round 3 in Less Than 3 minutes
Carbanak + FIN7: MITRE ATT&CK Results Unpacked
Unpacking the MITRE ATT&CK Evaluation with Palo Alto Networks, featuring Forrester
Cortex XDR: The Market Approves!
For more information on our security test results, analyst perspectives and customer reviews, see industry validation for Cortex XDR.