Fast, informative detections power F-Secure’s performance in 2nd MITRE ATT&CK evaluation
- 24.04.2020 11:04 am
Cyber security provider F-Secure has successfully completed its second MITRE ATT&CK® evaluation. F-Secure’s comprehensive protection against a wide variety of the tactics, techniques, and procedures (TTPs) used in targeted attacks, as well as its ability to quickly arm defenders with actionable intelligence to help them respond to incidents, affirms that the company’s detection and response capabilities are among the best the industry has to offer.
Overall, F-Secure’s results reflect its continued industry-leading performance from MITRE’s first evaluation.* F-Secure’s second-round results demonstrated its comprehensive coverage of TTPs used at every stage of a simulated attack from The Dukes – an advanced persistent threat (APT) group associated with the Russian government, and topic of a 2015 F-Secure study.**
The results also showcased the amount of detail F-Secure’s cloud-native detection and response technology provides to defenders about suspicious activity – a benefit F-Secure Vice President Christine Bejerasco highlights as a key capability to help organizations mount an effective response to security incidents.
“We’re pleased that MITRE’s tests once again confirm our ability to detect advanced threats,” said Bejerasco, who leads F-Secure’s Tactical Defense Unit. “Our real-time approach to detection provides immediate visibility into the TTPs employed during an attack, which helps arm defenders with valuable information about threats. And thanks to these capabilities, our customers can respond quickly and efficiently to advanced attacks while minimizing time spent chasing false positives.”
The MITRE ATT&CK evaluation assesses detection capabilities for post-compromise adversary tactics and techniques. While it’s mainly oriented toward evaluating technologies, this round of testing was broadened to place greater emphasis on the advantages offered by skilled professionals in managed detection and response services – an area where F-Secure scored strongly in MITRE’s tests.
By bringing the defensive capabilities provided by people – such as threat hunting – into the scope of the tests, F-Secure Executive Vice President Tim Orchard says MITRE’s second round of testing will help organizations better understand and assess the value a skilled team of defenders bring when combating targeted attacks.
“Putting the right technology in the hands of skilled threat hunters is how you catch the targeted attacks that result in the massive data breaches you hear about in the news. Our threat hunters played an important role in our test results, but their value becomes even more apparent during real attacks. Skilled professionals can quickly recognize new or obscure TTPs used specifically to evade automation, which they can then validate, escalate, and mitigate before any significant harm is done,” said Orchard.