
Cynet 2022 MITRE ATT&CK Evaluation Results

Wizard Spider and Sandworm Edition


Cynet performed strongly in the 2022 MITRE ATT&CK Evaluation, outperforming most vendors in several key areas. Here are the top achievements:

  • Cynet achieved 100% visibility and detection across each of the 19 MITRE ATT&CK steps evaluated
  • Cynet achieved a 100% prevention rate across the 9 tests conducted by MITRE
  • Cynet is the #3 vendor in number of prevented attacks and in speed of prevention overall
  • Cynet is the #3 vendor in detection coverage (98.2%) across the 109 sub-steps conducted in the MITRE ATT&CK® Evaluation

MITRE ATT&CK Evaluation

Wizard Spider and Sandworm Edition

Selecting the right cybersecurity technology remains an arduous task. As the vendor market expands and newer technologies emerge, like Extended Detection and Response (XDR), evaluating competing solutions is prohibitively time-consuming. Other than running a time- and resource-consuming proof of value (POV) evaluation – a live trial – in your environment and getting trusted client references, evaluating real-world capabilities is difficult.

Fortunately, MITRE developed a testing methodology to objectively evaluate endpoint security solutions based on the highly regarded MITRE ATT&CK framework. The evaluation tests the endpoint protection solutions against a simulated attack sequence based on real-life approaches taken by well-known Advanced Persistent Threat (APT) groups. The most recent MITRE ATT&CK evaluation included 30 vendor solutions using attack sequences based on the Wizard Spider and Sandworm threat groups.

As in the past, MITRE does not rank or score vendor results. Instead, the raw test data is published along with some basic online comparison tools. Buyers can use the data to evaluate the vendors as they see fit based on their company’s unique priorities and needs. But the results are not presented in the familiar four-quadrant matrix or ranked using common analyst methodology, making it hard for people to know how to best use the results in their search.

Vendor selection is not a one-size-fits-all methodology. This guide provides advice and considerations for how to use the MITRE ATT&CK results as one component of your selection criteria as you determine which vendor will meet your specific needs.

Key Cynet Performance Takeaways

Cynet achieved 100% visibility and detection across each of the 19 MITRE ATT&CK steps evaluated. Cynet achieved a 100% protection rate across all 9 tests conducted by MITRE.

Cynet detected 98.5% of the techniques presented (65 of 66 unique techniques) in the MITRE ATT&CK Evaluation, demonstrating the platform’s ability to provide visibility and protection across the entire ATT&CK® Kill Chain.

Cynet prevented 88% of attacks before any further infiltration (sub-steps) could take place in the test environment. Cynet’s prevention capabilities were among the three top performers.

Cynet was among the top three performers in speed of protection, detecting most attacks in the first step. Detecting and preventing threats as early as possible in the attack lifecycle is critical in order to deny the adversary a foothold into your environment.

Another interesting perspective is comparing Overall Detection with Overall Protection. Overall Detection is the total number of attack steps detected across all 109 sub-steps. Overall Prevention measures how early in the attack sequence the threat was detected so that subsequent steps could not execute. Both are important measurements and are indicative of a strong endpoint detection solution. Cynet was among the top 4 performers in this year’s test.
