MITRE ATT&CK Evaluation Showcases FireEye Endpoint Security and Mandiant Managed Defense
April 23 2020 - 8:00AM
Business Wire
FireEye delivered the most comprehensive
coverage across all detection categories in evaluation simulating
real-world attacks by Russian-backed adversary APT29
FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security
company, today announced that FireEye® Endpoint Security and
Mandiant® Managed Defense delivered the most comprehensive coverage
across all detection categories in the MITRE ATT&CK®
evaluation.
FireEye was one of 21 vendors selected to participate. The
evaluation simulated real-world attacks used by the Russian-backed
adversary APT29. This year’s evaluation included a new detection
category called MSSP that highlights vendors’ ability to enrich
alerts with enhanced context. Mandiant Managed Defense had one of
the highest numbers of enriched alerts in the new MSSP detection
category defined by MITRE, showcasing the advanced threat hunting
and detection capabilities of the managed detection and response
(MDR) service.
“We view the evaluations as a collaborative process to help the
participating vendors improve their products, which ultimately
makes cyberspace safer for everyone,” said Frank Duff, ATT&CK
Evaluations lead. “Taken as a whole, the results indicate that the
participating vendors are beginning to understand how to detect the
advanced techniques used by groups like APT29, and develop products
that provide actionable data in response for their users.”
MITRE developed and maintains ATT&CK based on open source
reporting of adversary tactics and techniques. ATT&CK is freely
available and is widely used by defenders in industry and
government to find gaps in visibility, defensive tools, and
processes as they evaluate and select options to improve their
network defense.
FireEye Delivered Most Comprehensive Coverage of All Tools Tested
MITRE evaluations do not constitute a rank, score, or
endorsement. However, the results found that FireEye Endpoint
Security delivered the most coverage against APT29 attacks across
all detection categories including General, Technique, Tactic,
MSSP, and Telemetry.
“There is more than one way to detect a threat. This latest
MITRE evaluation replicating the real-world tactics, techniques,
and procedures (TTPs) employed by APT29 reinforces the importance
of this point,” said Michelle Salvado, Vice President of
Engineering and Endpoint GM at FireEye. “Customers who drill into
the results will see FireEye had the most comprehensive coverage of
all the tested vendors, with the greatest number of total
cumulative detections. This highlights the full strength of our
solution. We continue to know more about the adversary than other
security companies. As attacks evolve, the breadth of detection and
protection that FireEye Endpoint Security and Mandiant Managed
Defense offer becomes much more critical.”
Key FireEye performance highlights include:
- Most comprehensive coverage: FireEye earned the highest
cumulative detections across all categories (General, Technique,
Tactic, MSSP, and Telemetry) among the 21 evaluated vendors. This
includes counts where vendors had more than one way of identifying
a threat for a particular attack tested, signifying depth of
coverage. This is reflective of the adaptive, in-depth defense
approach that allows FireEye to discover malicious activity via
multiple detection techniques.
- Highest number of Technique detections: FireEye earned
the highest number of Technique detections amongst all 21 vendors.
MITRE evaluates the Technique category based on how the tool
provides rich data that answers the question of precisely what was
done and why. This is a measure of how many alerts directly map to
the MITRE ATT&CK framework.
- Highest number of Product detections and Telemetry: This
showcased that not only does FireEye offer the most comprehensive
coverage, but it also provides analysts with enriched raw data to
mitigate and respond to a threat.
- Most comprehensive context around the threat: MITRE
utilized a new detection category (MSSP) to highlight managed
capabilities of EDR vendors. Using detailed investigative reports
and rapid response from Mandiant Managed Defense, FireEye provided
the greatest context around the threats, with one of the
highest numbers of MSSP category detections.
Resources
Further details on how FireEye Endpoint Security performed in
this MITRE ATT&CK evaluation can be found on the FireEye blog
at
https://www.fireeye.com/blog/products-and-services/2020/04/mitre-evaluation-demonstrates-endpoint-security-managed-defense-detection-leadership.html
or on the MITRE website.
For more details on FireEye Endpoint Security, and to request a
30-day evaluation, visit
https://www.fireeye.com/endpoint, or
take a self-guided tour by visiting
https://content.fireeye.com/product-demo/webpage-endpoint-security-portal
Organizations can validate their own endpoint vendor against
APT29 as well as the key threat actors targeting their industry
using the Mandiant Security Instrumentation Platform (formerly the
Verodin® Security Instrumentation Platform). Request a demo at
https://www.fireeye.com/solutions/verodin-security-instrumentation/request-a-demo.html
Additional information on FireEye Mandiant Managed Defense is
available at
https://www.fireeye.com/solutions/managed-defense.html
About FireEye, Inc.
FireEye is the intelligence-led security company. Working as a
seamless, scalable extension of customer security operations,
FireEye offers a single platform that blends innovative security
technologies, nation-state grade threat intelligence, and
world-renowned Mandiant consulting. With this approach, FireEye
eliminates the complexity and burden of cyber security for
organizations struggling to prepare for, prevent, and respond to
cyber attacks. FireEye has over 8,800 customers across 103
countries, including more than 50 percent of the Forbes Global
2000.
© 2020 FireEye, Inc. All rights reserved. FireEye, Mandiant and
Verodin are registered trademarks or trademarks of FireEye, Inc. in
the United States and other countries. All other brands, products,
or service names are or may be trademarks or service marks of their
respective owners.
View source version on businesswire.com: https://www.businesswire.com/news/home/20200423005182/en/
Media Inquiries: Media.Relations@FireEye.com Investor Inquiries:
Investor.Relations@FireEye.com