• Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.


MITRE Engenuity Publishes First-Ever ATT&CK® Evaluations of Security Service Providers & Their Threat-Informed Defense Capabilities

MITRE Engenuity ATT&CK Evaluations Managed Services Oil Rig 2022 Badge

McLean, Va. & Bedford, Mass., November 9, 2022 — MITRE Engenuity ATT&CK® Evaluations (Evals), a program of MITRE Engenuity™, MITRE’s tech foundation for public good, announced the results of its first-ever independent ATT&CK Evaluations for security service providers. The evaluations highlighted results across 16 providers and assessed provider capabilities in their ability to analyze and describe adversary behavior. 

“More than half of organizations use security service providers to protect their data and networks. We wanted to research how they are employing threat-informed defense practices for their clients,” said Ashwin Radhakrishnan, general manager, ATT&CK Evaluations, MITRE Engenuity. “We don’t rank the vendors in our evaluations. Organizations, however, can use the evaluations to determine which service providers may best address their own cybersecurity gaps and fit their particular business needs.” 

Evals’ expert purple teamers have in-depth knowledge of the threat landscape and adversary tradecraft. Through the lens of the MITRE ATT&CK knowledge base, the team emulated the tactics and techniques of OilRig, a threat actor with operations aligning to the strategic objectives of the Iranian government. OilRig has conducted operations relying on social engineering, stolen credentials, and supply chain attacks, resulting in the theft of sensitive data from critical infrastructure, financial services, government, military, and telecommunications. This threat actor used in evaluating the security service providers was chosen based on its evasion and persistence techniques, its complexity, and its relevancy to industry.  

Participants in the evaluations included Atos, Bitdefender, BlackBerry, BlueVoyant, Critical Start, CrowdStrike, Microsoft, NVISO, OpenText, Palo Alto Networks, Rapid7, Red Canary, SentinelOne, Sophos, Trend Micro, and WithSecure. 

For more details about the evaluations and their results, visit https://attackevals.mitre-engenuity.org/managed-services/oilrig 

Background on Tracking Confidence in Security Service Providers 

Prior to the evaluations in 2021, MITRE Engenuity conducted research with Cybersecurity Insiders, an online community of more than 400,000 information security professionals worldwide, to understand the state of affairs in security services. The 2021 Managed Services Report, No Rest for the Wary, found that most respondents (68%) used security services, yet nearly half (47%) were not confident in the service technology or people. At the same time, when asked whether teams conduct offensive testing before the selection process, 59% of respondents claimed to conduct offensive testing on products while only 53% conducted testing on services.  



About MITRE Engenuity 

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation. 

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org   

About MITRE Engenuity ATT&CK®Evaluations 

ATT&CK® Evaluations (Evals) is built on the backbone of MITRE’s objective insight and conflict-free perspective. Cybersecurity vendors turn to the Evals program to improve their offerings and to provide defenders with insights into their product’s capabilities and performance. Evals enables defenders to make better informed decisions on how to leverage the products that secure their networks. The program follows a rigorous, transparent methodology, using a collaborative, threat-informed, purple-teaming approach that brings together vendors and MITRE experts to evaluate solutions within the context of ATT&CK. In line with MITRE Engenuity’s commitment to serve the public good, Evals results and threat emulation plans are freely accessible. 

Media: Lisa Fasold, media@mitre.org  

©2022 MITRE #22-3344 11-09-2022  

© 2022 MITRE Engenuity, LLC. Approved for Public Release. Document Number AT0035