Creating Impact in Threat-Informed Defense. Read the Center’s 2022 Impact Report.

logo
        • Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Semiconductors
        • Dive into the revolutionary work that MITRE Engenuity is doing within this critical ecosystem.

        • Circuit Talk
        • Hear directly from the semiconductor experts through our speaker series featuring titans of industry, groundbreaking researchers, and many more.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • MITRE ATT&CK Defender
        • Strengthen your threat-informed defense capabilities with our cybersecurity trainings taught by MITRE ATT&CK subject matter experts.

        • Telecom
        • The transformative power of 5G shifts paradigms across industries and empowers businesses to change the way they interact with people. See how MITRE Engenuity is impacting the next generation of telecommunications. 

        • Open Generation 5G Consortium
        • We are getting to our 5G future faster. Discover how we are accelerating network technology and device-to-device application innovation through use case-focused R&D in the Open Generation 5G Consortium.

        • Health
        • We identify potential health security threats to ensure faster public health pandemic responses and incubate new ideas to ensure national health security.

        • Growing Impact
        • We deliver positive public impact through advanced technological innovation projects.

        • Cyber Risk Model for Mobile Digital Financial Services: Securing Mobile Money Services. Explore Our Cyber Risk Model for Mobile Financial Services product
        • Embedded Capture the Flag: Developing Tomorrow's Cyber Workforce Today. Get Involved with MITRE's Embedded Capture the Flag Competition
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

ATT&CK EVALUATIONS:

Our Evaluations

Earn the community’s trust

ATT&CK Evaluations are trusted by the end-user community because they are built on MITRE’s objective insight and conflict-free perspective. Each vendor evaluation is independently assessed on their unique approach to threat detection. Evaluation rounds are not a competitive analysis, they do not showcase scores, rankings, or ratings and are transparent and openly published.

Drone flying under sunset sky
person using phone and laptop

IMPROVE YOUR SOLUTION TO BETTER DEFEND AGAINST THE ADVERSARY

As described in the ATT&CK knowledge base, the assessments offer unbiased feedback and a chance for you to reflect on your technology. Evaluations help you to better understand your capabilities and limitations, which motivates future improvement, making solutions better and the world safer.

Participants Supporting the Mission

Our mission is to make a safer world with a threat-informed defense approach to security. We value the participant organizations that have joined us in this mission, by providing transparency into capabilities and applying the lessons learned towards improvement in product roadmaps.

ctid collaborative r&d

CURRENTLY EVALUATING

ATT&CK EVALUATIONS IS EMULATING THE TURLA THREAT GROUP

ATT&CK® Evaluations is currently emulating and evaluating enterprise providers for defenses against the Russian-based threat group, Turla, that has infected victims in over 45 countries. Evaluation results will be released in 2023.

ATT&CK Evaluations Offerings

The ATT&CK Evaluations program applies a systematic methodology using a threat-informed purple teaming approach, but also continues to develop new methodologies, open new rounds of evaluations, publish results, and create content for running independent evaluations and using the results more effectively.

Enterprise

Empowers end-users to make more informed decisions on endpoint detection capabilities by articulating how each vendor can protect against or detect adversary behavior.

Managed Services

Designed to provide transparent and impartial insights into how managed security service providers (MSSPs) and managed detection and response (MDR) capabilities provide context to adversary behavior.

Industrial Control Systems (ICS)

Brings clarity around anomaly and threat detection capabilities of industrial control systems security solutions.

Trials

An exploratory new program designed to help niche solutions providers realistically describe their strengths in defending against known adversary behavior.

Managed Services 2023 Call for Participation

If you’re a managed services provider looking to help current and prospective clients understand more about how your service addresses known adversary behavior, Evaluations are a phenomenal platform to showcase your service and highlight your competitive advantage to your audience. We recommend that organizations explore participation if they are looking to:

  • Earn the community’s trust. Evaluation rounds are transparent and openly published.
  • Improve your capabilities and learn to better defend against the adversary. 
MITRE ATTACK Evals Managed Services 2023 Badge

Our Methodology, Led by the world’s purple teaming experts

Purple teaming exercises simulate attacks by major cyber threat actors based on the threat intelligence collected in the ATT&CK framework. This captures critical context around a solution’s ability to detect or protect against known adversary behavior as defined by the ATT&CK knowledge base. Results from each evaluation are thoroughly documented and openly published. The process is methodical and rigorous, encompassing nine unique steps across three distinct phases:

  • Design
  • Select a threat (incident, group, malware, etc)
  • Create the emulation plan
  • Develop the emulation
  • Execute
  • Access the environment
  • Deploy the solution
  • Perform the evaluation
  • Release
  • Process the results
  • Receive feedback
  • Publish the results

Get In Touch

Learn more about how you can get involved with MITRE Engenuity.

Contact us

Stay informed.

Sign up for news about MITRE Engenuity and the critical technical challenges facing our nation and world.

Subscribe to updates