CrowdStrike Falcon Delivers Best-in-Class Detections, Visibility and Context in MITRE ATT&CK Product Evaluation Testing
CrowdStrike delivers industry-leading endpoint protection and continued commitment to the MITRE ATT&CK™ framework
Sunnyvale, CA — December 5, 2018 — CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced it has successfully completed its second evaluation by MITRE’s ATT&CK evaluations program. The CrowdStrike Falcon® platform was evaluated for its ability to detect attack techniques employed by GOTHIC PANDA (also known as APT3), a sophisticated adversary affiliated with the Chinese government. CrowdStrike was the first endpoint protection company to integrate the MITRE ATT&CK framework into its product and has been participating in this evaluation since its inception.
The analysis of the MITRE evaluation results show that CrowdStrike Falcon was the top performing product in the evaluation. Key results include:
- CrowdStrike Falcon delivered the most proactive detections of any tested solution. The ability for a product to detect attacks, rather than rely on skilled operators to manually uncover attacks, is absolutely critical for all organizations and shows that CrowdStrike delivers unique efficiency gains for security operations teams.
- Falcon was able to provide the most complete out-of-the-box visibility, revealing the highest number of individual attack techniques, without requiring product updates or configuration changes.
- CrowdStrike’s solution offered the deepest context for each phase of the simulated attack, including being the only product tested to include a feature that delivers custom emails from a team of expert threat hunters for further investigative support and remediation guidance.
- More detailed analysis of the test results are available in a blog post.