MITRE seeks participants for endpoint detection, response product evaluations

MITRE, a public interest research and development company, recently announced that it is seeking commercial cybersecurity vendors to participate in an evaluation of endpoint detection and response (EDR) products based on MITRE’s ATT&CK knowledge base.

ATT&CK is a globally accessible knowledge base of cyber adversary techniques built from the contributions of public and private companies as well as academic and government institutions. The ATT&CK knowledge base identifies threats and defines them in a common language and framework in an effort to drive improvements in security.

“ATT&CK provides a common framework for evaluating post-breach capabilities,” Frank Duff, principal cybersecurity engineer, said. “We believe that objective and open testing based on ATT&CK will advance capabilities and help drive the entire endpoint detection and response market forward.”

MITRE will use the knowledge base to conduct formal product evaluations as a service for interested cybersecurity vendors. The company will provide participants with information on the ATT&CK technique tested, the actions the assessors took to execute it, and the product’s ability to detect the emulated adversary behavior, as well as feedback from MITRE cyber experts for improving their products. The company will publicly release all evaluation results to drive overall market improvement.

“We want to help strengthen cybersecurity in our nation against sophisticated, determined adversaries, across both the public and private sectors,” Peter Sherlock, MITRE’s chief operating officer, said. “Offering impartial evaluations to support industry progress in cybersecurity is a way to contribute our defense-quality cyber expertise and objective insight to make the world a safer place.”

The first round of evaluations will be an adversary emulation of APT3/Gothic Panda, as described by ATT&CK. The evaluations will explore the technical ability to detect adversary behavior.

Future rounds will address additional APT adversary emulations, both in the breadth of techniques and the depth of technique implementation variation.

The first-round call for participation is open to all vendors until April 13.

Kevin Randolph
