If you’re in the market for an endpoint detection and response (EDR) solution, you can use results from the MITRE Engenuity ATT&CK® Evaluations to understand the extent to which participating EDR providers can detect and protect against attack techniques associated with specific threat actors.
However, if you’re considering a network detection and response (NDR) solution and you want to see how different NDR providers stack up against the MITRE ATT&CK Matrix for Enterprise, you’ll need to carefully validate the claims NDR providers make about their coverage. Since MITRE Engenuity doesn’t currently evaluate NDR providers, there’s no single, independent, industry-standard methodology for validating the ATT&CK techniques that NDR solutions cover. This creates all kinds of confusion in the market.
When evaluating NDR providers’ MITRE ATT&CK coverage, keep the following considerations in mind: ...read more!