ATT&CK EVALUATIONS:
Our Evaluations
Earn the community’s trust
ATT&CK Evaluations are trusted by the end-user community because they are built on MITRE’s objective insight and conflict-free perspective. Each vendor evaluation is independently assessed on their unique approach to threat detection. Evaluation rounds are not a competitive analysis, they do not showcase scores, rankings, or ratings and are transparent and openly published.
IMPROVE YOUR SOLUTION TO BETTER DEFEND AGAINST THE ADVERSARY
As described in the ATT&CK knowledge base, the assessments offer unbiased feedback and a chance for you to reflect on your technology. Evaluations help you to better understand your capabilities and limitations, which motivates future improvement, making solutions better and the world safer.
Participants Supporting the Mission
Our mission is to make a safer world with a threat-informed defense approach to security. We value the participant organizations that have joined us in this mission, by providing transparency into capabilities and applying the lessons learned towards improvement in product roadmaps.
Evaluation Complete
ATT&CK Evaluations Emulated the Turla Threat Group
ATT&CK® Evaluations has completed emulating and evaluating enterprise providers for defenses against the Russian-based threat group, Turla, that has infected victims in over 450 countries. Evaluation results are now available.
Managed Services 2023 Call for Participation Has Closed
Managed Services evaluations invites managed services providers to understand how their service addresses know adversary behavior, which helps their current and prospective clients. Evaluations are a phenomenal platform to showcase your service and highlight your competitive advantage to your audience.Â
​Managed Services evaluation results help to:
- Earn the community’s trust. Evaluation rounds are transparent and openly published.​
- Improve your capabilities and learn to better defend against the adversary.Â
If you missed this opportunity, you may still be eligible to participate in a future evaluation. ​
ATT&CK Evaluations Offerings
The ATT&CK Evaluations program applies a systematic methodology using a threat-informed purple teaming approach, but also continues to develop new methodologies, open new rounds of evaluations, publish results, and create content for running independent evaluations and using the results more effectively.
Enterprise
Empowers end-users to make more informed decisions on endpoint detection capabilities by articulating how each vendor can protect against or detect adversary behavior.
Managed Services
Designed to provide transparent and impartial insights into how managed security service providers (MSSPs) and managed detection and response (MDR) capabilities provide context to adversary behavior.
Industrial Control Systems (ICS)
Brings clarity around anomaly and threat detection capabilities of industrial control systems security solutions.
Trials
An exploratory new program designed to help niche solutions providers realistically describe their strengths in defending against known adversary behavior.
Our Methodology,
Led by the world’s purple teaming experts
Purple teaming exercises simulate attacks by major cyber threat actors based on the threat intelligence collected in the ATT&CK framework. This captures critical context around a solution’s ability to detect or protect against known adversary behavior as defined by the ATT&CK knowledge base. Results from each evaluation are thoroughly documented and openly published. The process is methodical and rigorous, encompassing nine unique steps across three distinct phases:
-
-
-
-
-
Execute
-
-
-
-
Release
-
-
-
Stay informed.
Sign up for news about MITRE Engenuity and the critical technical challenges facing our nation and world.