Executive Summary
- MITRE’s ATT&CK Enterprise Evaluation is an impartial non-profit initiative designed to put the leading cybersecurity platforms in the world to the test.
- The most recent round of testing took place in late 2023, and SentinelOne’s Singularity Platform has (yet again) delivered some of the most impressive scores in the industry.
- As a proud SentinelOne partner, the team at Get Support is pleased to report that the platform achieved 100% protection and 100% detection scores in the 2023 evaluation.
Introduction
For a couple of years now, Get Support has been a proud partner of SentinelOne.
SentinelOne is a comprehensive cybersecurity system, and we have total confidence in the platform to keep our clients’ data locked up tight. And, if you’re a regular reader of the blog here, you’ll know that we spend a lot of time focused on cybersecurity topics – so we need the tools to back that up.
But how can you, as a Get Support client, be sure that SentinelOne delivers what we say it does? How about a rigorous third-party test of the key security features of the platform, leveraging large-scale testing of the system’s response to ransomware, malware, and more?
That’s exactly what MITRE’s ATT&CK Enterprise Evaluation is designed to do – and the latest results really do speak for themselves.
What is MITRE’s ATT&CK Enterprise Evaluation?
Unless you’re a cybersecurity professional, you probably haven’t heard of MITRE’s ATT&CK framework – so let’s take a moment to explain.
The framework is a comprehensive knowledge base of cyberattack tactics and techniques, based on real-world observations and data. But how can cybersecurity vendors use this framework to assess and improve their own security tools and systems? That’s where MITRE’s ATT&CK Enterprise Evaluation comes in.
The evaluation aims to provide transparent and actionable insights into how well different products can detect and respond to various types of threats, such as ransomware, espionage, or sabotage. The evaluation is conducted by MITRE Engenuity, a non-profit organisation that operates independently from MITRE Corporation, the creator of the ATT&CK framework. MITRE Engenuity works with various security vendors who volunteer to participate in the evaluation, as well as with industry experts and researchers who provide feedback and validation.
In a nutshell, the ATT&CK Enterprise Evaluation is a valuable resource for anyone who wants to understand the strengths and weaknesses of their security products – and how they can improve their security posture against real-world threats.
SentinelOne’s 2023 ATT&CK Enterprise Evaluation results
At Get Support, we’re a proud partner of the SentinelOne Singularity Platform and recommend it as an indispensable cybersecurity tool. But you don’t need to take our word for it, because the numbers speak for themselves.
As announced on their website, SentinelOne’s Singularity Platform – for the fourth year running – achieved a 100% protection and 100% detection score in the 2023 evaluation.
To get more specific, here’s exactly how the platform scored:
- 100% Protection – blocked 13 out of 13 protection steps
- 100% Detection – detected 18 of 18 detection steps
- 100% Real-time – zero delayed detections
- 100% Realistic – zero configuration changes
- 96% Visibility into attack sub-steps
The 2023 ATT&CK Enterprise Evaluation – in detail
The numbers are clearly impressive, but let’s dig in a little further to see what they really mean.
In short, the results show that the SentinelOne Singularity Platform was able to detect and block every step of the Turla attack, without any delays or configuration changes. Turla is an attack scenario based on a Russian cyberespionage group which has been responsible for attacks in over 50 countries since 2004.
What does this mean in real terms? That the platform can provide real-time protection with zero human intervention, right out of the box. That’s impressive, considering that Turla is known for using sophisticated and evasive tools and malware to compromise their victims.
For the 2023 evaluation, the Turla attack involved 20 steps across 10 tactics, such as initial access, execution, persistence, privilege escalation, defence evasion, credential access, discovery, lateral movement, collection, and exfiltration. The SentinelOne Singularity Platform was able to prevent 14 steps, detect 6 steps, and correlate all the steps into a single timeline – providing a clear and comprehensive view of the attack.
In addition to detection, the platform also provides automated remediation capabilities, such as rollback, quarantine, kill, and immunise, to quickly and effectively contain and eliminate threats.
Does your organisation need a cybersecurity tune-up?
If the results of 2023’s ATT&CK Enterprise Evaluation have impressed you as much as they did the team here at Get Support, we’d invite you to find out more about how the SentinelOne Singularity Platform could protect your business.
Just reach out to your Get Support account manager for a quick demo of the platform and to dive deep into more specific ways it could keep your precious company data safe.
Get in touch with your account manager today or call us on 01865 594 000 with any questions about SentinelOne or our cybersecurity services.