ATT&CK® Evaluations

The MITRE Engenuity ATT&CK® Evaluations (Evals) program brings together product and service providers with MITRE experts to collaborate in evaluating security solutions. The Evals process applies a systematic methodology using a threat-informed purple teaming approach to capture critical context around a solution’s ability to detect or protect against known adversary behavior as defined by the ATT&CK knowledge base. Results from each evaluation are thoroughly documented and openly published.

Just Released

Results from Fourth Round of Enterprise Evaluations Emulate Wizard Spider and Sandworm Threat Groups

Garner the community’s trust through transparency

Defenders use Evals to make better-informed decisions on leveraging the products that secure their networks. The end-user community trusts Evals because of MITRE’s objective insight and conflict-free perspective. Each vendor evaluation is independently assessed on their unique approach to threat detection. Evaluation rounds are not a competitive analysis; they do not showcase scores, rankings, or ratings and are transparent and openly published.

Improve the efficacy of solutions with MITRE experts

The Evals program follows a rigorous, transparent methodology that uses a collaborative, purple-teaming approach. Evaluations are based on ATT&CK for alignment to a standard lexicon understood by security practitioners from offensive and defensive perspectives. The evaluations are measurable and repeatable, making them useful for continual assessments of incremental improvements.

Articulate the efficacy of your capabilities against adversary behaviors

Evaluation Opportunities by Industry

The ATT&CK Evaluations program continues to develop new methodologies, and open new rounds of evaluations. Currently, there are four types of ongoing ATT&CK Evaluations available.

Evaluations for Enterprise

MITRE Engenuity ATT&CK® Evaluation for Enterprise empowers end-users to make more informed decisions on endpoint detection capabilities by articulating how each vendor can protect against or detect adversary behavior.

More About Enterprise Evaluations →

Evaluations for Managed Services

MITRE Engenuity ATT&CK® Evaluation for Managed Services provides transparent and impartial insights into how managed security service providers (MSSPs) and managed detection and response (MDR) capabilities provide context of adversary behavior.

More About Managed Services Evaluations →

Evaluations for Industrial Control Systems

MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) clarify anomaly and threat detection capabilities of industrial control systems security solutions.

Call for Participation Now Open

More About
ICS Evaluations →

Evaluations: Trials

MITRE Engenuity ATT&CK® Evaluation: Trials which will allow more capabilities—that do not fit in the aforementioned categories—to  be evaluated. The first Trial is for Deceptions.

More About Evaluation: Trials →


Sign up to test your cybersecurity technology and acquire unbiased feedback.


Our Mission

Our mission is to make a safer world with a threat-informed defense approach to security, and we value the participant organizations that have joined us in this mission.

The ATT&CK® Evaluations program continues to develop new methodologies, open new rounds of evaluations, publish results, and create content so you can run your own evaluations or use our results more effectively. Signup to our mailing list if you would like to be informed when we release new content and open call for participations.
jQuery(window).on('load',function(){ var maxHeight = -1; jQuery('.equal-height .dsm_card_wrapper').each(function() { maxHeight = maxHeight > jQuery(this).height() ? maxHeight : jQuery(this).height(); }); jQuery('.equal-height .dsm_card_wrapper').each(function() { jQuery(this).height(maxHeight); }); jQuery('.more-about-link').each(function(){ jQuery(this).css("position","absolute").css("bottom","30px"); }); });