CrowdStrike Achieves 99% Detection Coverage in First-Ever MITRE Engenuity ATT&CK Evaluations for Security Service Providers

Rhea-AI Summary

CrowdStrike (NASDAQ: CRWD) announced its impressive performance in the inaugural MITRE Engenuity ATT&CK Evaluations, achieving 99% detection coverage of adversary behavior from 16 evaluated vendors. The CrowdStrike Falcon platform identified 75 out of 76 adversary techniques related to the Iranian government-aligned group, OilRig. The evaluation showcased the platform's Managed Detection and Response service, which provides rapid identification and response capabilities. The results reaffirm CrowdStrike's leadership in EDR/XDR solutions, emphasizing its effectiveness and ease of use for organizations globally.

Positive

• Achieved 99% detection coverage in MITRE evaluations, identifying 75 out of 76 adversary techniques.
• Showcased superior speed and efficiency in threat detection with the Managed Detection and Response service.
• Confirmed leadership position in EDR/XDR solutions within the cybersecurity industry.

Negative

• None.

CrowdStrike Falcon platform excelled in MITRE evaluation with superior technology, elite services, integrated threat intelligence and proactive threat hunting

AUSTIN, Texas--(BUSINESS WIRE)-- CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today announced its results in the first-ever MITRE Engenuity ATT&CK Evaluations for security service providers. The CrowdStrike Falcon^® platform achieved 99% detection coverage of adversary behavior (reporting 75 of the 76 adversary techniques) out of the 16 vendors evaluated.

This inaugural round of MITRE ATT&CK Evaluations tested vendors by emulating the tactics, techniques and procedures (TTPs) of OilRig (also known as HELIX KITTEN), the adversary group with operations aligned to the strategic objectives of the Iranian government. Vendors were asked to accurately identify malicious activity and associate it to the adversary and corresponding steps in the MITRE ATT&CK framework. Unique to the evaluation, MITRE employed a closed book version of adversary emulation, whereby vendors did not know the adversary until after the execution was complete.

The CrowdStrike Falcon platform shined in MITRE’s evaluation with its Managed Detection and Response (MDR) offering – CrowdStrike Falcon Complete – which is rooted in industry-leading Endpoint Detection and Response (EDR), eXtended Detection and Response (XDR) and Managed Threat Hunting capabilities. The CrowdStrike Falcon platform identified the tradecraft of the emulated adversary (HELIX KITTEN) within minutes, resulting in superior detection coverage to drive rapid, end-to-end response. Speed is critical, as the average breakout time (i.e. the time, on average, it takes an adversary to move laterally from initial compromise to other hosts within the victim environment) is 84 minutes according to the 2022 Falcon OverWatch Threat Hunting Report.

“We believe MITRE's evaluation demonstrates why CrowdStrike is a clear leader in EDR/XDR, whether our capabilities are delivered as a fully managed service from CrowdStrike or our network of MSSP partners, or operated independently by our customers. The closed book test provides an opportunity to show how security platforms operate against adversary tradecraft in a real-world setting, as vendors have no prior knowledge to guide their actions,” said Michael Sentonas, chief technology officer at CrowdStrike. “Achieving a near 100% detection coverage further validates our platform’s effectiveness and ease of use, as well as our pioneering MDR services, which are trusted to stop breaches for thousands of organizations worldwide.”

Additional Resources

• CrowdStrike will host a webinar on Thursday, November 10 at 8 a.m. PT for an in-depth overview of the MITRE Engenuity ATT&CK Evaluations for Security Service Providers.
• For more information on CrowdStrike’s results and CrowdStrike Falcon Complete, please visit the blog.
• For full results and more information about the evaluations, please visit the MITRE Engenuity website.

About MITRE Engenuity

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense.

About CrowdStrike

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.

View source version on businesswire.com: https://www.businesswire.com/news/home/20221109005445/en/

Kevin Benacci

CrowdStrike Corporate Communications

press@crowdstrike.com

Source: CrowdStrike

FAQ

What are the results of CrowdStrike's MITRE evaluation?

CrowdStrike achieved 99% detection coverage, identifying 75 out of 76 adversary techniques in the inaugural MITRE Engenuity ATT&CK Evaluations.

How did CrowdStrike perform compared to other vendors in the MITRE evaluation?

CrowdStrike was among 16 evaluated vendors and received the highest detection coverage at 99%.

What does the MITRE evaluation mean for CrowdStrike's future?

The evaluation reinforces CrowdStrike's leadership in the cybersecurity market and may enhance its reputation among potential customers and investors.

What is the significance of the adversary group OilRig in the evaluation?

OilRig is linked to the Iranian government and was the focus of the adversary emulation in the MITRE evaluation, showcasing CrowdStrike's effectiveness in identifying state-sponsored threats.