Kaspersky in MITRE ATT&CK®

As cyberattacks grow more complex and persistent, understanding criminal techniques becomes key to effective enterprise cyber-defense. See how the MITRE ATT&CK methodology is used to evaluate Kaspersky’s performance.

ROUND 2 (APT29) EVALUATION RESULTS

MITRE ATT&CK® is an open knowledge database where attackers' arsenals and behaviors are collected and categorized by MITRE researchers, based on multiple real-world studies and threat reports. ATT&CK is a valuable framework for organizations seeking a better understanding of specific threats they may face.
Since 2018, MITRE has been evaluating cybersecurity products based on the ATT&CK framework. In these evaluations, researchers emulate known adversary behaviors to reveal how each product detects the different steps of a targeted attack. There are no scores, rankings, or ratings in this evaluation. Instead, MITRE shows how each vendor approaches threat defense within the context of ATT&CK, so any organization can see the true capabilities of a security product in addressing its individual concerns.
In 2019, Kaspersky took part in MITRE ATT&CK Evaluation Round 2: our security products were tested against attack techniques of the APT29 threat group. Here you'll find the evaluation results and important comparative metrics, together with our views on MITRE methodologies.