ATT&CK EVALUATIONS:

Our Evaluations

Earn the community’s trust

ATT&CK Evaluations are trusted by the end-user community because they are built on MITRE’s objective insight and conflict-free perspective. Each vendor evaluation is independently assessed on their unique approach to threat detection. Evaluation rounds are not a competitive analysis, they do not showcase scores, rankings, or ratings and are transparent and openly published.

Drone flying under sunset sky
person using phone and laptop

IMPROVE YOUR SOLUTION TO BETTER DEFEND AGAINST THE ADVERSARY

As described in the ATT&CK knowledge base, the assessments offer unbiased feedback and a chance for you to reflect on your technology. Evaluations help you to better understand your capabilities and limitations, which motivates future improvement, making solutions better and the world safer.

Participants Supporting the Mission

Our mission is to make a safer world with a threat-informed defense approach to security. We value the participant organizations that have joined us in this mission, by providing transparency into capabilities and applying the lessons learned towards improvement in product roadmaps.

ctid collaborative r&d

Evaluation Complete

ATT&CK Evaluations Emulated the Turla Threat Group

ATT&CK® Evaluations has completed emulating and evaluating enterprise providers for defenses against the Russian-based threat group, Turla, that has infected victims in over 450 countries. Evaluation results are now available.

Managed Services 2023 Call for Participation Has Closed

Managed Services evaluations invites managed services providers to understand how their service addresses know adversary behavior, which helps their current and prospective clients. Evaluations are a phenomenal platform to showcase your service and highlight your competitive advantage to your audience. 

​Managed Services evaluation results help to:

  • Earn the community’s trust. Evaluation rounds are transparent and openly published.
  • Improve your capabilities and learn to better defend against the adversary. 

If you missed this opportunity, you may still be eligible to participate in a future evaluation. ​

ATT&CK Evaluations Offerings

The ATT&CK Evaluations program applies a systematic methodology using a threat-informed purple teaming approach, but also continues to develop new methodologies, open new rounds of evaluations, publish results, and create content for running independent evaluations and using the results more effectively.

Enterprise

Empowers end-users to make more informed decisions on endpoint detection capabilities by articulating how each vendor can protect against or detect adversary behavior.

Managed Services

Designed to provide transparent and impartial insights into how managed security service providers (MSSPs) and managed detection and response (MDR) capabilities provide context to adversary behavior.

Industrial Control Systems (ICS)

Brings clarity around anomaly and threat detection capabilities of industrial control systems security solutions.

Trials

An exploratory new program designed to help niche solutions providers realistically describe their strengths in defending against known adversary behavior.

Our Methodology,

Led by the world’s purple teaming experts

Purple teaming exercises simulate attacks by major cyber threat actors based on the threat intelligence collected in the ATT&CK framework. This captures critical context around a solution’s ability to detect or protect against known adversary behavior as defined by the ATT&CK knowledge base. Results from each evaluation are thoroughly documented and openly published. The process is methodical and rigorous, encompassing nine unique steps across three distinct phases:

  • Design
  • Select a threat (incident, group, malware, etc)
  • Create the emulation plan
  • Develop the emulation
  • Execute
  • Access the environment
  • Deploy the solution
  • Perform the evaluation
  • Release
  • Process the results
  • Receive feedback
  • Publish the results

Get In Touch

Learn more about how you can get involved with MITRE Engenuity.

Contact us

Stay informed.

Sign up for news about MITRE Engenuity and the critical technical challenges facing our nation and world.

Subscribe to updates