ATT&CK Evaluations Emulate Wizard Spider and Sandworm Threat Groups
BOSTON–(BUSINESS WIRE)–Cynet, the world’s first autonomous breach protection platform, today announced the results of its completed MITRE Engenuity ATT&CK Evaluation for the Cynet 360 AutoXDR™ platform. This round of independent ATT&CK Evaluations for enterprise cybersecurity solutions emulated the Wizard Spider and Sandworm threat groups, highlighting results across 30 vendors.
MITRE ATT&CK Evaluations test cybersecurity vendors’ abilities to detect and respond to real-world threats within the context of the MITRE ATT&CK Framework. This year, tests focused on two top threat actors: Wizard Spider and Sandworm. Wizard Spider is a financially motivated criminal group that has been conducting ransomware campaigns since August 2018 against a variety of organizations, ranging from major corporations to hospitals. Sandworm is a destructive Russian threat group that is known for carrying out notable attacks such as the 2015 and 2016 targeting of Ukrainian electrical companies and 2017’s NotPetya attacks. According to MITRE Engenuity, these two threat actors were chosen based on their complexity, relevancy to the market, and how well MITRE Engenuity’s staff can fittingly emulate the adversary.
“This latest round indicates significant product growth from our vendor participants. We are seeing greater emphasis in threat informed defense capabilities, which in turn has developed the infosec community’s emphasis on prioritizing the ATT&CK Framework,” said Ashwin Radhakrishnan, Product and General Manager of ATT&CK Evaluations at MITRE Engenuity. “Additionally, we’ve significantly improved our vendor management workflows and processes, so that any vendor participant—either current or future—will now have a more structured and efficient experience.”
Highlights of Cynet’s performance in the 2022 MITRE ATT&CK Evaluation include:
- 100% visibility and detection across each of the 19 MITRE ATT&CK steps evaluated
- 100% prevention rate across the 9 tests conducted by MITRE
- Cynet is the #3 vendor in number of prevented attacks and in speed of prevention in total
- Cynet is the #3 vendor in detection coverage (98.2%) across the 109 sub-steps conducted in the MITRE ATT&CK Evaluation
- Cynet detected 98.5% of the different unique techniques presented in the MITRE ATT&CK Evaluation, demonstrating the platform’s ability to provide visibility and protection across the entire ATT&CK Kill Chain
“Our participation in the MITRE ATT&CK Evaluation last year helped drive several improvements to our protections,” noted Cynet CEO Eyal Gruner. “The results we achieved this year are proof of the value of participating in the evaluation and confirmation of Cynet’s protection capabilities for our valued customers.”
Cynet will host a series of webinars starting on April 7, during which their CTO, Aviad Hasnis, will explain how to interpret the MITRE ATT&CK Evaluation results and share details on Cynet’s performance.
About MITRE Engenuity
MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense.
About Cynet
Cynet 360 is the world’s first Autonomous Breach Protection platform that natively integrates XDR endpoint, user and network attack prevention, and detection capabilities with an incident engine that fully automates investigation and remediation actions, backed by a 24/7 world-class MDR service. End to end, fully automated breach protection is now within reach of any organization, regardless of security team size and skill level. Visit https://www.cynet.com to learn more.