Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

CrowdStrike Falcon Achieves Comprehensive Detection and Extensive Visibility in Every Stage Of The Latest MITRE Engenuity ATT&CK Evaluation

CrowdStrike’s unique CrowdScore detection technology reduces burden for security analysts by providing actionable security incidents enriched with deep contextual telemetry

CrowdStrike, a leader in cloud-delivered endpoint protection, announced it has successfully completed its third ATT&CK® Evaluation performed by MITRE Engenuity. CrowdStrike Falcon® was evaluated for its ability to detect attack techniques employed by CARBON SPIDER (also known as FIN7) and Carbanak, sophisticated cyber criminals affiliated with the multiple adversary groups. The series of attacks spanned the Enterprise ATT&CK spectrum, covering 20 separate test steps on both Linux and Windows operating systems.

ATT&CK is a MITRE-developed knowledge base of adversary tactics and techniques based on real-world observations to describe and better understand threats and to pinpoint gaps in visibility and process. MITRE Engenuity’s ATT&CK Evaluations test a vendor’s ability to detect adversary activity across a full range of sophisticated attacks, from initial breach all the way through lateral movement, persistence and exfiltration.

Recommended AI News: Scalefusion Enters Into a Strategic Partnership With VS One World

CrowdStrike’s results in this latest ATT&CK Evaluation demonstrate CrowdStrike Falcon’s exceptional prowess in delivering protection, visibility, and detection via a single, intelligent agent to secure endpoints and workloads across the entire breadth of the ATT&CK framework. Unlike other vendors, Falcon focuses on providing highly actionable alerts, dramatically reducing alert fatigue for security analysts. Falcon’s actionable alerts are enriched with deep contextual telemetry into adversary techniques, which are tested across different enterprise attack surfaces, to allow security analysts to understand threats quickly and act decisively.

Key results from MITRE Engenuity’s ATT&CK Evaluation include:

● CrowdStrike Falcon achieved comprehensive detection coverage by providing actionable alerts on each of the 20 steps of the Evaluation. The Falcon platform prevented simulated intrusions against both threat actors at multiple steps across the MITRE ATT&CK framework, demonstrating equally strong capabilities across Windows and Linux platforms, via a single lightweight, intelligent agent.

Related Posts
1 of 15,846

● CrowdStrike’s CrowdScore detection engine correlated relevant indicators of compromise and telemetry to detect the sophisticated adversary intrusions, helping to speed up time to response.

● Falcon provided deep and comprehensive visibility into attack behaviors, ultimately reducing the time needed to understand, contain and remediate incidents.

● CrowdStrike’s unique CrowdScore Incident Workbench prioritized and visualized the detected attacks with rich contexts such as ATT&CK Tactics and Techniques, threat actor intelligence, devices and users. Results were presented as actionable security incidents enriched with deep contextual telemetry — replacing discrete security alerts that can overwhelm security teams and providing benefits that no other vendor could match.

● Combined, these results showcased Falcon’s ability to deliver leading out-of-box detection and prevention into adversary activities, significantly reducing manual work for Security Operation Centers (SOCs) to bring down the total cost of ownership.

Recommended AI News: Narrative Adds Invisibly’s Approved Audience Data to Its Data Streaming Platform

“Modern endpoint protection platforms must solve deep customer pain points and offer a comprehensive view into the attack life cycle in order to help security teams pinpoint threats quickly and correlate massive data sets at scale. This ensures that threat intelligence is contextualized, so that teams can take decisive action to stop incidents from becoming breaches,” said Michael Sentonas, CrowdStrike’s chief technology officer. “CrowdStrike’s enviable performance in three consecutive MITRE evaluations showcases the effectiveness of our world class cross-platform endpoint protection technology. We believe our offering provides customers with the most innovative solution on the market – combining comprehensive detection with ease-of-use. Third-party testing is critical within the industry, and CrowdStrike remains committed to participating in programs that help to inform the industry and ultimately keep organizations more secure.”

Recommended AI News: FiscalNote Announces Appointment Of Three New Members To Its Board Of Directors

Comments are closed.