2021 MITRE ATT&CK Engenuity Results

Now that the MITRE ATT&CK Engenuity results for 2021 have been released, participating vendors will be publishing their results. However, it can be hard to understand how well a vendor has actually performed as MITRE do not produce scores and rankings. Vendors tend to form their own results by only sharing specific results and shaping the messaging behind the results. In this blog post we have put together some of the key results to help you cut through all the noise.


What are MITRE Engenuity ATT&CK Evaluations?

MITRE Engenuity evaluates cyber security products using an open methodology based on the ATT&CK knowledge base. It is great way to get visibility into different vendors, which otherwise can be confusing due to the power of marketing.


Goals of the evaluation:

  • Empower end-users with objective insights into how to use specific commercial security products to detect known adversary behaviours.

  • Provide transparency around the true capabilities of security products and services to detect known adversary behaviours.

  • Drive the security vendor community to enhance their capability to detect known adversary behaviours.

This year’s evaluation had the largest number of participants:

BlackBerry Cylance, Broadcom, Check Point, Cisco, CrowdStrike, Cybereason, CyCraft, Cynet, Elastic, ESET, F-Secure, Fidelis, FireEye, Fortinet, GoSecure, Malwarebytes, McAfee, Micro Focus, Microsoft, OpenText, Palo Alto Networks, ReaQta, SentinelOne, Sophos, Trend Micro, Uptycs, and VMware.



The ATT&CK Evaluations team chose to emulate Carbanak and FIN7 because they bo