MITRE™ Evaluation Validates Endgame’s Commitment to ATT&CK™
Third-party assessment substantiates Endgame as the first zero-training endpoint protection platform to integrate the MITRE ATT&CK™ framework
ARLINGTON, Va., November 29, 2018 – Endgame, the first endpoint protection platform to deliver the stopping power of a world-class SOC in a single agent, today announced its results in the first vendor assessment from MITRE across the ATT&CK matrix. This new assessment validates Endgame’s power in delivering the detections and data visibility necessary for intelligent, effective implementations of ATT&CK-based defenses in the real world.
Endgame has championed the MITRE ATT&CK framework since its inception. It was the first endpoint protection vendor to advocate for ATT&CK as the go-to framework for threat intelligence, to integrate ATT&CK into the Endgame platform, and to partner with MITRE for an initial evaluation, and it is now one of the first vendors to be independently assessed in MITRE’s inaugural vendor evaluation.
“In the converged endpoint security market there are numerous third-party assessments of vendor prevention capabilities which often focus on the delivery of a malicious payload. This type of testing has lost some value in the last couple of years as detection and response becomes a core competency of endpoint protection,” said Ian McShane, VP of Product Marketing at Endgame.
“The MITRE ATT&CK evaluation extends the existing independent testing community by focusing on post-compromise activity–what happens when prevention is circumvented and how quickly it can be detected. This test is a crucial component to evaluating converged endpoint protection products and complements other third-party tests that focus purely on prevention,” said Mark Dufresne, VP of Research at Endgame.
Endgame specializes in simplifying and scaling an organization’s ability to tackle what would otherwise be a daunting cybersecurity challenge by automatically detecting and preventing sophisticated adversary tactics, and by enabling users of any skill level to discover and respond to malicious activity. Endgame is the first MITRE-oriented solution that requires no advanced security training or knowledge.
The company recently enhanced its capabilities with new product automations and open source contributions aimed at addressing the staggering shortage of cybersecurity talent:
- Endgame Resolver - A visual and interactive interface that instantly identifies the origin and extent of a compromise to allow new infosec professionals to be effective immediately.
- Event Query Language (EQL) - The simplest and most intuitive hunting and real-time detection syntax to support search across the MITRE ATT&CK matrix.
- Red Team Automation (RTA) - An open-source framework that allows defenders to test their ATT&CK detection capabilities against malicious tradecraft through the practice of red-teaming.
- Total Attack Lookback - The industry’s first forensic review feature to exceed average adversary dwell time.
“This new assessment from MITRE is a step in the right direction by showing how different vendors provide visibility in uncovering the techniques that criminals and nation-state attackers use today. Endgame is proud to be one of the first companies assessed in an effort to cut through the marketing hype and promote transparency about the effectiveness of cybersecurity solutions,” added Dufresne.
About Endgame
Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent. For more information, visit www.endgame.com and follow us on Twitter @EndgameInc.
Highwire PR for Endgame
415-963-4174 ext. 26