Bitdefender a Top Overall Performer in Fourth Round of MITRE Engenuity ATT&CK Enterprise Evaluations
Independent Testing Designed to Emulate the Sophisticated Wizard Spider and Sandworm Threat Groups Reveals High Efficacy of Bitdefender GravityZone
Bitdefender, a global cybersecurity leader, announced it achieved some of the top scores among the 30 participating cybersecurity vendors in MITRE Engenuity’s recent independent ATT&CK® Evaluations for Enterprise cybersecurity solutions. Bitdefender scored 97 percent in overall analytics insights and 95 percent in technique-level descriptions, the most in-depth detection metric, which identifies the specific steps of how attackers breached the environment and moved laterally.
“This achievement, in identifying the precise techniques adversaries use to move through networks, validates Bitdefender’s position as an industry leader in threat prevention and detection technology,” said Dragos Gavrilut, director of cyber threat intelligence at Bitdefender. “Excelling in these capabilities is vital for enterprises to counter the sophisticated multi-stage attacks carried out by today’s cybercriminal groups and nation-state actors. Independent tests like the MITRE ATT&CK Evaluations are essential for helping organizations evaluate the effectiveness of cybersecurity technologies against complex attacks.”
The 2022 ATT&CK Evaluations tested cybersecurity vendors for their ability to detect techniques and tactics used by Wizard Spider and Sandworm, two advanced threat groups that employ ransomware and wiper malware targeting businesses and government organizations worldwide. Vendor participants were evaluated using emulations of the Data Encrypted For Impact technique, used by Wizard Spider to deploy ransomware including Ryuk, and by Sandworm to encrypt and destroy data with its NotPetya malware. Each participant was evaluated based on detection rates across 19 total steps and 109 sub-steps in the framework’s attack kill chain, from initial compromise through the final stage of execution.
MITRE Engenuity evaluated Bitdefender GravityZone Ultra, the company’s unified security platform incorporating endpoint protection (EPP) and endpoint detection and response (EDR) including cross-endpoint threat correlation and advanced risk analytics. The platform delivers deep context to detections and offers a direct path to Bitdefender managed detection and response (MDR) services.
Bitdefender results include:
- Exceptional Detection of Attack Techniques — Bitdefender GravityZone was among the leaders of vendor solutions tested at identifying ‘Technique’, the highest level of context associated with the sub-steps on how the attack was performed. Scoring 95 percent, Bitdefender identified 103 of 109 sub-steps.
- Outstanding Analytics Performance — Bitdefender was among the top vendors scoring 97 percent overall in total analytics coverage, providing deep analysis and rich context for 106 of 109 total sub-steps.
- Strong Linux Coverage — Bitdefender achieved 100 percent analytics coverage of attack techniques against Linux systems.
“This latest round indicates significant product growth from our vendor participants. We are seeing greater emphasis in threat-informed defense capabilities, which in turn has developed the infosec community’s emphasis on prioritizing the ATT&CK Framework,” said Ashwin Radhakrishnan, acting general manager of ATT&CK Evaluations at MITRE Engenuity.