MITRE Engenuity’s ATT&CK Evaluations team pitted ESET Enterprise Inspector against attack techniques emulating the infamous threat groups Carbanak and FIN7. ESET also participated in the optional Protection scenario.
BRATISLAVA – ESET, a global leader in cybersecurity, today announced the participation of ESET Enterprise Inspector in the third round of ATT&CK® Evaluations. The MITRE Engenuity team leveraged the MITRE ATT&CK® knowledge base to conduct simulated attacks using the tactics and techniques of Carbanak and FIN7 – adversary groups notorious for targeting financial services and hospitality organizations. The third round of evaluations started in the second half of 2020 and the results were announced today.
“With ESET Enterprise Inspector, our endpoint detection and response solution, demonstrating maturity, it became critical to evaluate how it stands up against the tactics and techniques of advanced persistent threat groups, which is why we chose to participate in the ATT&CK® Evaluations,” said Chief Research Officer Roman Kováč at ESET. “We have been tracking Carbanak as far back as 2015, but as cybercriminals are always evolving, it remains critical to keep pace by putting our security solutions to the test and getting expert feedback from the MITRE Engenuity team.”
In this evaluation, ESET Enterprise Inspector was evaluated against dozens of ATT&CK techniques. In addition to the Detection category, ESET was one of the 17 vendors (of 29 total) that signed up for the extended evaluations in the Protection category. The MITRE Engenuity team has released a side-by-side vendor comparison tool that will make it easier to highlight the differences between two selected solutions.
“MITRE’s evaluations empower the security community to make more informed decisions through a transparent evaluation process and we’re glad that ESET participated in this important test, along with multiple other vendors,” said Frank Duff, MITRE ATT&CK Evaluations Lead. “Using the MITRE ATT&CK framework as the benchmark, and our publicly available results, users can explore how ESET Enterprise Inspector detected our emulated adversary behavior of Carbanak and FIN7. Working together, these evaluations can make cyberspace safer for everyone.”
For more information on the MITRE Engenuity ATT&CK Evaluations for Carbanak and FIN7, check out MITRE Engenuity’s testing overview.
About MITRE Engenuity ATT&CK Evaluations
MITRE Engenuity ATT&CK evaluations are paid for by vendors and are intended to help vendors and end-users better understand a product’s capabilities in relation to MITRE’s publicly accessible ATT&CK® framework. MITRE developed and maintains the ATT&CK knowledge base, which is based on real world reporting of adversary tactics and techniques. ATT&CK is freely available, and is widely used by defenders in industry and government to find gaps in visibility, defensive tools, and processes as they evaluate and select options to improve their network defense. MITRE Engenuity makes the methodology and resulting data publicly available so other organizations may benefit and conduct their own analysis and interpretation. The evaluations do not provide scores, ranks, or endorsements.
About MITRE Engenuity
MITRE Engenuity is a tech foundation that collaborates with the private sector on challenges that demand public interest solutions, to include cybersecurity, infrastructure resilience, healthcare effectiveness, microelectronics, quantum sensing and next generation communications. www.mitre-engenuity.org
About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. From endpoint and mobile security to endpoint detection and response, as well as encryption and multifactor authentication, ESET’s high-performing, easy-to-use solutions unobtrusively protect and monitor 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company that enables the safe use of technology. This is backed by ESET’s R&D centers worldwide, working in support of our shared future. For more information, visit www.eset.com or follow us on LinkedIn, Facebook, and Twitter.