2021 Cortex-Mitre

Putting Our Defenses to the Test

With a field of 29 EDR vendors testing their wares, the latest round of the MITRE ATT&CK® evaluation didn’t disappoint in providing a bit of drama and hubris, emulating the notorious Carbanak and FIN7 attacks focused on financial services that often used point-of-sale software to quite literally “make it rain” when ATMs were triggered to dispense cash.

By re-creating these types of attacks based on true events, the practitioner community can glean priceless insights to better improve product performance and effectiveness.

Get the guide

Key Takeaways

For the third year in a row, Cortex® XDR™ emerged as one of the top-performing vendors, achieving the highest overall combined detection and protection rate in the evaluation.

At a high level, Cortex XDR performed the following against the TTPs used by Carbanak and FIN7:

Blocked 100% of attacks in the protection evaluation on both Windows and Linux endpoints.
Achieved more than 97% visibility of attack techniques.
Delivered the best detection rates of any solution that also got a perfect protection score.
Of the attack techniques used, identified 86% with an analytics detection, defined by MITRE as detections that provide additional context beyond telemetry.
- 80% of these had an associated technique-level detection, the highest type of detection awarded in this evaluation.

Resources for All Things MITRE

Palo Alto Networks Garners Stellar Results, 3 Years Running

Deciding on an XDR or EDR solution and need proof of consistent excellence with stellar performance, year after year? Analysis from MITRE can help with objective third-party evaluations. See the detailed results of each test from the last three years, and decide who’s hot and who’s not for yourself!