Bitdefender, a global cybersecurity leader, announced exceptional results in the 2024 MITRE Engenuity ATT&CK® Enterprise Evaluations. Bitdefender demonstrated unmatched efficiency, requiring an average of just three alerts to identify and report incidents to the security operations center (SOC), far surpassing the median of 209 alerts from other tested solutions. The evaluations, conducted through rigorous independent tests simulating adversary behavior and techniques, assessed the detection and protection capabilities of 19 participating vendors. This year, MITRE introduced two new key metrics—‘Total Alerts Generated’ and ‘False Positives’—to better measure the actionability and effectiveness of vendor solutions.

Cyber Technology Insights: Jetico Unveils Tool for Easy Data Discovery & Wiping

“Security teams are under pressure to improve response time as ransomware and sophisticated state-sponsored attacks become more frequent”

“Security teams are under pressure to improve response time as ransomware and sophisticated state-sponsored attacks become more frequent,” said Dragos Gavrilut, vice president of threat research at Bitdefender. “Improving efficiency within teams and inside SOCs is what matters most to security practitioners. Bitdefender’s ability to increase threat visibility through detailed, actionable alerts with low false positives to quickly remediate threats before they do severe damage is what sets us apart, with independent tests like the MITRE ATT&CK Evaluations helping to serve as validation.”

The 2024 ATT&CK Evaluations tested cybersecurity vendors on their ability to detect techniques and tactics from two adversary focus areas: ransomware campaigns (specifically Cl0p and LockBit) targeting Windows and Linux, and macOS attacks linked to the Democratic People’s Republic of Korea (DPRK). These tests emulated common ransomware behaviors, such as the abuse of legitimate tools, data encryption, and disabling critical services, while the macOS evaluation highlights DPRK-inspired multi-staged and modular malware used to elevate privileges and target credentials.

Each participant was evaluated based on detection rates and their performance in the framework’s attack kill chain, spanning from initial compromise to the final stage of execution. This year, MITRE introduced two key changes to the evaluation process: False Positives and Reporting on Total Generated Alerts. The False Positives metric assessed the accuracy of detections by measuring instances where a benign activity is incorrectly flagged as malicious, while Reporting on Total Generated Alerts evaluated the volume and quality of alerts generated, ensuring a balance between comprehensive detection and operational efficiency.

Alongside outstanding performance around alert actionability, Bitdefender achieved 100% analytical coverage and zero false positives in both Linux and macOS environments with overall analytical coverage at 91% with just six false positives, well above the average of all participating vendors.

MITRE Engenuity evaluated Bitdefender GravityZone Platform, a unified security and risk analytics platform that provides advanced endpoint protection including endpoint detection and response (EDR), extended detection and response (XDR) and cloud security for physical, virtual, and multi-cloud environments. The platform delivers deep security context to detections and offers a direct path to Bitdefender Managed Detection and Response (MDR) services.

In addition to excelling in the MITRE Engenuity ATT&CK Enterprise Evaluations 2024, Bitdefender was also a top performer in the 2024 ATT&CK Evaluation for Managed Services. Bitdefender’s MDR services were evaluated on the ability to detect, analyze, and describe adversary behavior. Bitdefender delivered near-total coverage across all steps (no vendor achieved complete coverage) and achieved the highest result (32% above the average) in the category of Actionability, a measurement of whether a SOC analyst is provided with enough information in the alert to take immediate action. These results highlight the effectiveness of the GravityZone Platform in real-world security operations.

Cyber Technology Insights: Cybernet Evolution Achieves 100% Password Management

To participate in our interviews, please write to our CyberTech Media Room at news@intentamplify.com

Source – Businesswire