Today, F-Secure published its analysis of the company’s performance in MITRE Engenuity’s third ATT&CK® Evaluation.
The evaluation pitted F-Secure’s detection and response capabilities against the tactics and techniques of Carbanak and FIN7 – two groups that have compromised financial services and hospitality organizations through the use of sophisticated malware and techniques, resulting in the theft of more than $1 billion across hundreds of businesses over the past five years.
“MITRE’s ATT&CK Evaluations are a great way for organizations to learn about F-Secure’s ability to provide visibility into attacks from some of today’s most notorious threat actors,” said F-Secure Product Manager Michael Greaves.
“Giving defenders visibility into all stages of an attack provides them with more opportunities to detect and contain intrusions while they’re in progress. This is the third MITRE Engenuity ATT&CK® Evaluation we’ve participated in, and we’re pleased these tests have consistently proven that our products provide information about different parts of the attack chain that defenders need to mount an effective response to incidents.”
Each year, MITRE Engenuity conducts independent evaluations of cyber security products to help government and industry make better decisions to combat security threats and improve industry’s threat detection capabilities.
In the past few months, 29 vendors participated in the Carbanak and FIN7 evaluations – up from the 12 key players that participated in the first ATT&CK Evaluation.
The ATT&CK Evaluations team chose to emulate Carbanak and FIN7 because they target a wide range of industries for financial gain, whereas prior emulated groups were more focused on espionage.
The MITRE Engenuity ATT&CK Evaluations team always balances previously tested techniques with untested techniques and variation to best capture how the defensive solutions are evolving to address a diverse set of threats.
“MITRE’s evaluations empower the security community to make more informed decisions through a transparent evaluation process and we’re glad that F-Secure participated in this important test, along with multiple other vendors,” said Frank Duff, MITRE ATT&CK Evaluations Lead. “Using the MITRE ATT&CK framework as the benchmark, and our publicly available results, users can explore how F-Secure detected our emulated adversary behavior of Carbanak and FIN7. Working together, these evaluations can make cyberspace safer for everyone.”
For more such updates follow us on Google News ITsecuritywire News.