CrowdStrike was the only vendor to demonstrate native and unified Zero Trust and identity protection capabilities in its platform
CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today announced its results from the fourth round of the MITRE Engenuity ATT&CK® Enterprise Evaluations. CrowdStrike achieved 100% prevention with comprehensive visibility and actionable alerts – demonstrating the power of the Falcon platform to stop today’s most sophisticated threats.
This round of independent ATT&CK Evaluations for enterprise cybersecurity solutions emulated the WIZARD SPIDER and VOODOO BEAR (Sandworm Team) threat groups, which were chosen because of their sophistication and broad range of post-exploitation tradecraft. The Falcon platform was evaluated among products from 30 vendors.
Falcon Platform Delivers 100% Prevention
The Falcon platform delivered 100% prevention in the ATT&CK Evaluations, consisting of nine test scenarios (including 19 steps and 109 substeps) on Windows and Linux operating systems. According to the 2022 CrowdStrike Global Threat Report, the average breakout time for adversaries -- the time an adversary takes to move laterally from an initially compromised host to another host within the victim environment -- is 98 minutes. Organizations need to be able to stop attackers immediately, before they can move about the network and cause damage. CrowdStrike shuts down attacks before they start.
CrowdStrike Delivers a Unified Platform Approach
CrowdStrike was the only vendor to demonstrate native and unified Zero Trust and identity protection capabilities in its platform. Adversaries are increasingly using legitimate and stolen credentials to try and evade detection. The Falcon platform shuts down identity-based attacks before they can start by delivering powerful capabilities like identity-based security, comprehensive Indicators of Attack (IOAs), machine learning, automated orchestration and threat intelligence through a unified, cloud-native approach. In the ATT&CK Evaluations, the Falcon platform proved these capabilities stop attackers quickly with more than 93% of attacker tactics, techniques and procedures (TTPs) stopped before they could execute.
Falcon Platform Delivers Comprehensive Visibility and Actionable Alerts
The Falcon platform provides comprehensive capabilities and tools for security teams to see, stop and understand an attack – scoring visibility on 96% of substeps in the ATT&CK Evaluations while presenting evidence for 99% of substeps. Visibility is a critical requirement of effective security, as security teams require context, historical visibility and response capabilities. CrowdStrike visually highlights detected attacks with rich context to streamline the triage process and helps security teams focus on the most critical threats first. In the ATT&CK Evaluations, the tested activities are presented in just six incidents, minimizing alert fatigue and giving security teams needed context to understand an attack.
“Achieving 100% prevention in the fourth round of the MITRE Engenuity ATT&CK Evaluation shows the power of the Falcon platform, which was designed to enable organizations to take a unified approach in detecting and preventing attacks across the endpoint, cloud, identity and data. CrowdStrike is setting the industry standard with a cloud-native security platform that is designed to deliver the most robust protections and stop the most sophisticated threats,” said Michael Sentonas, chief technology officer at CrowdStrike.
For more information on CrowdStrike’s test results, please visit the blog.
For full results and more information about the evaluations, please visit the MITRE Engenuity website.
About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense.
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.
CrowdStrike: We stop breaches.
© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.
CrowdStrike Corporate Communications