MITRE Engenuity ATT&CK Evaluations

February 15, 2023

MITRE has released a new evaluations program for its Engenuity ATT&CK (Advanced Threat and Control Kit) suite. This evaluation will allow security practitioners to test the product’s ability to protect their network infrastructure against emerging threats. The results will be shared with the broader security community as the Engenuity suite becomes available for purchase. This evaluation is one of the first of its kind to use MITRE’s latest technologies, including Cortex XDR, a next-generation forensic tool that can be deployed directly on the network.

Microsoft Defender Experts for Hunting

Defender Experts for Hunting is a Microsoft 365 Defender product that hunts for threats across endpoints, identities, cloud applications and the entire Microsoft 365 software stack. The service provides contextual alert information and remediation instructions. It is designed for security operations centers (SOCs) and companies with robust SOCs.

Microsoft 365 Defender is a suite of products that help businesses stay ahead of emerging threats. These products include threat monitoring, incident response, and defense against malware. Each product is based on data from the Microsoft Defense Network, which provides unique insights into threats and malware. It also includes on-demand access to Microsoft’s experts, which can be used to assist with incident response.

Microsoft’s expert-led managed services address the growing skills shortage in cybersecurity. They combine human expertise with expert-trained technology to provide proactive, real-time detection and protection for organizations.

Check Point Harmony Endpoint

Check Point Harmony Endpoint, an industry-leading threat detection solution, was recently recognized as the leading result in the new MITRE Engenuity ATT&CK Evaluations. The results demonstrate that the solution provides the highest level of technique detection, including full visibility into all attack steps.

The MITRE Engenuity team uses a unique approach to testing cybersecurity solutions by emulating nation-state hacking techniques. This allows vendors to see where they need improvement. It also raises the bar on industry standards.

Check Point’s Harmony Endpoint is a unified endpoint security solution. It delivers contextualized visibility into real-world cyber threats and ensures zero-trust access to corporate applications and devices. Unlike traditional antivirus, it provides complete, comprehensive endpoint protection. Its threat detection and protection capabilities enable organizations to respond to complex attacks with minimal impact on user productivity.

Cisco Secure Endpoint

MITRE’s Engenuity ATT&CK Evaluation is the gold standard for evaluating endpoint security solutions. This analysis provides a detailed look at the functionality and performance of the leading endpoint security products. These results are open to the public and can help organizations determine which products are best for their needs.

During the ATT&CK evaluation, Cisco’s Secure Endpoint was shown to be an effective prevention solution, stopping threats early in the kill chain. The platform includes device analysis and threat hunting capabilities that provide the intelligence security teams need to respond quickly to threats.

During the ATT&CK Evaluation, Cisco was evaluated against two hypothetical attack groups, OilRig and Carbanak. The malware and tactics these malicious actors use were emulated during the test, and the participating vendors had to contend with them.

ESET Inspect

ESET Inspect is a well-rounded solution for both endpoint detection and response. It provides deep visibility into threats, a full set of security monitoring tools, and real-time feedback based on threat intelligence. It can be configured to fit specific enterprise environments. Moreover, it also features remote PowerShell capabilities, which allow security engineers to configure and inspect computers.

ESET Inspect was also evaluated in the MITRE Engenuity ATT&CK Evaluations, an initiative to test the latest in endpoint security. The evaluations were conducted over four rounds, with thirty participating vendors. The program is a great opportunity to see how the leading vendors in the market are approaching security.

MITRE’s ATT&CK Evaluations provide the industry with unbiased and objective insights into commercial security solutions. The results are released in the form of a side-by-side vendor comparison tool.

Cortex XDR

Palo Alto Networks has completed the MITRE Engenuity Cortex XDR Evaluation. This evaluation tested the company’s ability to detect and protect against real-world attacks. It achieved 100% prevention and visibility. Its performance is among the best in the industry.

Cortex XDR is an AI-based, cloud-native solution that delivers complete visibility into your endpoint and network data, fueling a behavioral threat protection strategy. It provides actionable insight that enables fast, accurate remediation. It has been validated by third-party endpoint security assessments, enabling organizations to stop modern attacks.

The ATT&CK framework developed by MITRE is a global knowledge base of attacker techniques, a comprehensive set of tools and methods that help security operations evaluate a vendor’s security tools. It is used by almost every cyber defense vendor.

Ammar Fakhruddin

ABOUT AUTHOR

Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real world business and data problems by bringing in leading-edge solutions that are cost effective, improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.
