MITRE Engenuity ATT&CK Evaluations
Overview, Goals, and Scope
Since MITRE introduced ATT&CK in May 2015, the practitioner community has come to rely on it to enable better communications and management around cybersecurity. The ATT&CK Evaluations provide vendors with assessments of their ability to defend against specific adversary tactics and techniques. MITRE emulates known adversary behavior to ensure the evaluation is threat-informed, and carefully selects adversaries that allow us to exercise common ATT&CK techniques. In addition, the evaluations push the market to secure the world’s networks more effectively. MITRE openly publishes the results to provide industry end-users of these cybersecurity products with the information they need to make good decisions about what is best for their organizations.
There are no scores, rankings, or ratings. Instead, MITRE shows how each vendor approaches threat detection in the context of the ATT&CK knowledge base. MITRE strategically selects adversaries to inspire evaluation methodology, and freely publishes results. This process provides an unbiased assessment of detection and protection capabilities and highlights potential gaps to drive the industry forward.
The intent of the test is to demonstrate Fortinet’s strong behavior-based detection capability through the emulation of an attack selected by the MITRE Engenuity Foundation.
FortiEDR blocked all attack scenarios.
FortiEDR blocked all attacks using only machine learning and behavior-based detection.
FortiEDR provides a unified approach to protection, detection, and response.