Carbon Black has delivered zero delayed detections and zero tainted detections in the MITRE Corporation’s Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) assessment.
The MITRE assessment tests the ability to quickly detect specific adversary tactics and techniques as captured in the ATT&CK knowledgebase.
In the assessment, CB Response demonstrated it could automatically detect and display adversarial behaviours without humans-in-the-loop across the entire MITRE ATT&CK Matrix, which includes: initial access, execution, privilege escalation, defence evasion, credential access, discovery, lateral movement, collection, exfiltration and command and control.
The full report from MITRE on Carbon Black is here: attackevals.mitre.org/evaluations/…ack.1.apt3.1.html
“We’re proud to be among the initial vendors evaluated by MITRE and we’re extremely proud of these results. We attribute our very strong showing to our philosophy of building products the right way for the long haul,” said Scott Lundgren, Carbon Black’s Chief Technology Officer.
“Objective, transparent and open testing is critical as a means of driving the industry forward, and the MITRE ATT&CK framework offers a critical look at how real-world attacks play out. We believe MITRE has set an excellent standard for how testing should be conducted in an open, rigorous, and sophisticated way. We thank MITRE for its leadership.”
Carbon Black also announced it has added MITRE ATT&CK threat intelligence feeds to CB Response and CB ThreatHunter to deliver new behaviour-based threat intelligence to customers.
Carbon Black’s MITRE ATT&CK feeds combine the power of Carbon Black’s unfiltered endpoint data collection and a robust collection of adversary techniques to simplify threat detection and threat hunting. The new threat feeds map directly to the various attack tactics outlined by MITRE.
“By adding ATT&CK threat intelligence feeds to Cb Response and Cb ThreatHunter, organisations now have an unfiltered view into all endpoint activity viewed through the lens of attack building blocks and behaviours noted by MITRE. We believe this results in more comprehensive and advanced threat hunting capabilities for security professionals,” said Lundgren.
Category: Security Company about: Carbon Black leads a new era of endpoint security by enabling organisations to disrupt advanced attacks, deploy the best prevention strategies for their business, and leverage the expertise of 10,000 professionals from IR firms, MSSPs and enterprises to shift the balance of power back to security teams. Only Carbon Black continuously records and centrally retains all endpoint activity, making it easy to track an attacker’s every action, instantly scope every incident, unravel entire attacks and ...