CrowdStrike Achieves 99% Detection Coverage in First-Ever MITRE Engenuity ATT&CK Evaluations for Security Service Providers
09 November 2022 - 11:00AM
Business Wire
CrowdStrike Falcon platform excelled in MITRE
evaluation with superior technology, elite services, integrated
threat intelligence and proactive threat hunting
CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered
protection of endpoints, cloud workloads, identity and data, today
announced its results in the first-ever MITRE Engenuity ATT&CK
Evaluations for security service providers. The CrowdStrike Falcon®
platform achieved 99% detection coverage of adversary behavior
(reporting 75 of the 76 adversary techniques) in an evaluation of 16
vendors.
This inaugural round of MITRE ATT&CK Evaluations tested
vendors by emulating the tactics, techniques and procedures (TTPs)
of OilRig (also known as HELIX KITTEN), the adversary group with
operations aligned to the strategic objectives of the Iranian
government. Vendors were asked to accurately identify malicious
activity and associate it with the adversary and corresponding steps
in the MITRE ATT&CK framework. Unique to the evaluation, MITRE
employed a closed book version of adversary emulation, whereby
vendors did not know the adversary until after the execution was
complete.
The CrowdStrike Falcon platform shined in MITRE’s evaluation
with its Managed Detection and Response (MDR) offering –
CrowdStrike Falcon Complete – which is rooted in industry-leading
Endpoint Detection and Response (EDR), eXtended Detection and
Response (XDR) and Managed Threat Hunting capabilities. The
CrowdStrike Falcon platform identified the tradecraft of the
emulated adversary (HELIX KITTEN) within minutes, resulting in
superior detection coverage to drive rapid, end-to-end response.
Speed is critical, as the average breakout time (i.e. the time, on
average, it takes an adversary to move laterally from initial
compromise to other hosts within the victim environment) is 84
minutes according to the 2022 Falcon OverWatch Threat Hunting
Report.
“We believe MITRE's evaluation demonstrates why CrowdStrike is a
clear leader in EDR/XDR, whether our capabilities are delivered as
a fully managed service from CrowdStrike or our network of MSSP
partners, or operated independently by our customers. The closed
book test provides an opportunity to show how security platforms
operate against adversary tradecraft in a real-world setting, as
vendors have no prior knowledge to guide their actions,” said
Michael Sentonas, chief technology officer at CrowdStrike.
“Achieving a near 100% detection coverage further validates our
platform’s effectiveness and ease of use, as well as our pioneering
MDR services, which are trusted to stop breaches for thousands of
organizations worldwide.”
Additional Resources
- CrowdStrike will host a webinar on Thursday, November 10 at 8
a.m. PT for an in-depth overview of the MITRE Engenuity ATT&CK
Evaluations for Security Service Providers.
- For more information on CrowdStrike’s results and CrowdStrike
Falcon Complete, please visit the blog.
- For full results and more information about the evaluations,
please visit the MITRE Engenuity website.
About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for
the public good. MITRE’s mission-driven teams are dedicated to
solving problems for a safer world. Through our public-private
partnerships and federally funded R&D centers, we work across
government and in partnership with industry to tackle challenges to
the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE’s deep technical know-how and
systems thinking to the private sector to solve complex challenges
that government alone cannot solve. MITRE Engenuity catalyzes the
collective R&D strength of the broader U.S. federal government,
academia, and private sector to tackle national and global
challenges, such as protecting critical infrastructure, creating a
resilient semiconductor ecosystem, building a genomics center for
public good, accelerating use case innovation in 5G, and
democratizing threat-informed cyber defense.
About CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has
redefined modern security with one of the world’s most advanced
cloud-native platforms for protecting critical areas of enterprise
risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI,
the CrowdStrike Falcon® platform leverages real-time indicators of
attack, threat intelligence, evolving adversary tradecraft and
enriched telemetry from across the enterprise to deliver
hyper-accurate detections, automated protection and remediation,
elite threat hunting and prioritized observability of
vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent
architecture, the Falcon platform delivers rapid and scalable
deployment, superior protection and performance, reduced complexity
and immediate time-to-value.
CrowdStrike: We stop breaches.
Learn more: https://www.crowdstrike.com/ Follow us: Blog |
Twitter | LinkedIn | Facebook | Instagram Start a free trial today:
https://www.crowdstrike.com/free-trial-guide/
© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the
falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are
marks owned by CrowdStrike, Inc. and registered with the United
States Patent and Trademark Office, and in other countries.
CrowdStrike owns other trademarks and service marks, and may use
the brands of third parties to identify their products and
services.
View source version on businesswire.com: https://www.businesswire.com/news/home/20221109005445/en/
Kevin Benacci CrowdStrike Corporate Communications
press@crowdstrike.com