• Who We Are
        • Learn more about MITRE Engenuity’s journey as a hub for transformative innovation.

        • How We Engage
        • We forge innovative partnerships to generate whole-of-nation solutions to complex technological problems.

        • Contact Us
        • Connect with a member of the MITRE Engenuity team and ensure your inquiry gets to the right people.

        • Cybersecurity
        • We are relentlessly advancing the art of threat-informed defense, anchored by a belief that we can improve our defenses with a systemic application of a deep understanding of adversary tradecraft and technology.

        • ATT&CK Evaluations
        • We offer objective analysis of cyber products and features – see our latest results.

        • Center for Threat-Informed Defense
        • Read more about the cutting-edge research and development being done with input from our participant organizations, featuring some of the top security operations centers.

        • Developing tomorrow's cyber workforce today.
        • News & Insights
        • We are leading the leading edge of innovation. Explore the latest news, insights, R&D, and special projects from our advanced tech experts and partners.

        • Subscribe to Our Newsletters
        • Our tech foundation is addressing the complex problems that face our nation today. Find out how you can join our efforts as we spur innovation for public good.


New round of MITRE Engenuity’s ATT&CK® Evaluations Calls for Participation for Enterprise Cybersecurity Solutions

ATT&CK Evaluations to examine behaviors across ransomware with an introduction to macOS

McLean, Va., and Bedford, Mass., January 30, 2024 — MITRE Engenuity opened its call for participation in ATT&CK® Evaluations, an independent and objective assessment of enterprise cybersecurity solutions. This sixth round of evaluations will examine common behaviors that are prevalent across prolific ransomware campaigns and feature an introduction into macOS, specifically focusing on macOS targeting by the Democratic People’s Republic of Korea (DPRK).

“We’re thrilled to broaden the scope of ATT&CK Evaluations to include macOS, emphasizing our commitment to comprehensive, platform-diverse assessments,” said William Booth, general manager, ATT&CK Evals. “This round will feature new insights, with a particular focus on efficiency, including true positive and false positive rates, which more accurately reflect the real-world performance of a tool.”

Through the lens of the MITRE ATT&CK knowledge base, this round of evaluations will focus on key adversary behaviors inspired by ransomware, such as the abuse of legitimate tools and efforts to evade defenses. The macOS emulation will delve into adversary behavior inspired by the DPRK’s shift into developing sophisticated, multi-stage malware.

“We chose to emulate ransomware, as it continues to be one of the most significant cybercriminal threats across industry verticals – one that can lead to devastating outcomes and widespread damage,” said Amy Robertson, principal, cyber threat intelligence analyst, ATT&CK Evals. “The DPRK has emerged as a formidable cyber threat, and they have progressively been expanding their focus to macOS as they work to evade international sanctions. This round will also incorporate multiple smaller emulations, introducing a more nuanced and targeted evaluation of defensive capabilities.”

These open and fair evaluations are part of MITRE Engenuity’s portfolio of programs to help government and industry combat cybersecurity attacks through threat-informed defense practices. The evaluations do not rank vendors and their solutions; however, organizations can use the results to determine which vendors and solutions may best address their own cybersecurity gaps and fit their particular business needs.

Participants must sign up for the evaluations by April 30, 2024. Results of the evaluations will be posted in the fourth quarter of 2024. For results of previous evaluations, visit https://attackevals.mitre-engenuity.org


MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org


ATT&CK® Evaluations is built on the backbone of MITRE’s objective insight and conflict-free perspective. Cybersecurity vendors turn to the Evals program to improve their offerings and to provide defenders with insights into their product’s capabilities and performance. Evals enables defenders to make better informed decisions on how to leverage the products that secure their networks. The program follows a rigorous, transparent methodology, using a collaborative, threat-informed, purple-teaming approach that brings together vendors and MITRE experts to evaluate solutions within the context of ATT&CK. In line with MITRE Engenuity’s commitment to serve the public good, Evals results and threat emulation plans are freely accessible. https://attackevals.mitre-engenuity.org/

Media Contact: Lisa Fasold, media@mitre.org

© 2024 MITRE #24-0267 01-30-2024