Rapid7 is very excited to share the results of our participation in MITRE Engenuity’s latest ATT&CK Evaluation, which examines how adversaries abuse data encryption to exploit organizations.
With this evaluation, our customers and the broader security community get a deeper understanding of how InsightIDR helps protectors safeguard their organizations from destruction and ransomware techniques, like those used by the Wizard Spider and Sandworm APT groups modeled for this MITRE ATT&CK analysis.
What was tested
At the center of InsightIDR’s XDR approach is the included endpoint agent: the Insight Agent. Rapid7’s universal Insight Agent is a lightweight endpoint software that can be installed on any asset – in the cloud or on-premises – to collect data in any environment. The Insight Agent enables our EDR capabilities that are the focus of this ATT&CK Evaluation.
Across both Wizard Spider and Sandworm attacks, we saw strong results indicative of the high-fidelity endpoint detections you can trust to identify real threats as early as possible.
Building transparency and a foundation for dialogue with MITRE Engenuity ATT&CK evaluations
Since the launch of MITRE ATT&CK in May 2015, security professionals around the globe have leveraged this framework as the “go-to” catalog and reference for cyberattack tactics, techniques, and procedures (TTPs). With this guide in hand, security teams visualize detection coverage and gaps, map out security plans and adversary emulations to strengthen defenses, and quickly understand the criticality of threats based on where in the attack cha ..
Support the originator by clicking the read the rest link below.
