MITRE introduced the ATT&CK® evaluation as an EDR product assessment leveraging the ATT&CK® framework for APT3. MITRE’s framework is useful in helping organizations make informed decisions when purchasing cyber security solutions using EDR technology.
F-Secure’s participation in MITRE’s first round of evaluation confirmed F-Secure’s industry-leading capabilities in detecting advanced attacks. In the second round of evaluation, F-Secure continued to demonstrate strong capabilities in:
- Delivering actionable information fast with a minimal number of false positives;
- Delivering great total coverage and visibility into indicators of attack;
- Incorporating managed services (MDR) to increase the likelihood of detecting attacks sooner.
The main focus in this round of evaluation is on detection capabilities against APT29 (aka The Dukes). APT29 is a threat actor that successfully conducted espionage for seven years before it was discovered by F-Secure in 2015. F-Secure’s research on ‘The Dukes’ became the first contribution to MITRE’s knowledge base for APT29.