Articulate Your Capabilities with ATT&CK Evaluations


MITRE Engenuity’s ATT&CK Evaluations provide vendors with an assessment of their capability’s ability to defend against adversary behaviors, as described in the ATT&CK knowledge base. The assessments offer unbiased feedback and a chance for vendors to reflect on their technology. The vendor can better understand its capabilities and limitations, which in turn motivates future improvement, making solutions better and the world a safer place.

ATT&CK Evaluations advance industry capabilities by emulating adversary behavior for testing. Basing evaluations on ATT&CK aligns them to a common lexicon understood by security practitioners from both the offensive and defensive perspectives. These evaluations are measurable and repeatable, making them useful for continual assessments of incremental improvements.

The evaluation is a collaborative experience, where MITRE Engenuity works with vendors to articulate how their capabilities can detect adversary behavior. These evaluations are not a competitive analysis, so you will not find scores, rankings, or ratings. Instead, we work with each vendor independently, and evaluate how they approach threat detection in their own way.

Impartiality and transparency are essential components of MITRE Engenuity’s mission, so we make our methodology and results available to everyone. The methodology provides critical context to the results we document, where specific implementation details and timing matter. The results enable the vendor’s customers to make informed decisions about their defensive cybersecurity investments and use the capabilities more effectively.

For additional information on participating in ATT&CK Evaluations, contact evals@mitre-engenuity.org.

Vendor participation is subject to applicable legal restrictions, available resources, and other factors.