SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

SentinelOne excels in 2024 MITRE ATT&CK evaluations

Today

SentinelOne's AI-powered Singularity Platform has achieved a noteworthy milestone by delivering 100% detection and zero detection delays in the 2024 MITRE ATT&CK Evaluations: Enterprise.

For the fifth consecutive year, SentinelOne's Singularity Platform successfully detected all 80 attacks staged in the MITRE ATT&CK third-party evaluation, across every phase of the simulation. This performance marks it as a robust choice for cybersecurity, maintaining complete accuracy without any delays.

In addition to impeccable detection accuracy, the platform generated 88% fewer alerts than the median across all vendors evaluated.

This specific feature is crucial in reducing the fatigue security teams often face due to an overwhelming volume of alerts, enabling faster and more efficient responses to genuine threats.

The evaluation examined SentinelOne's effectiveness in pinpointing 16 attack steps and 80 substeps, exhibiting zero detection delays.

Furthermore, SentinelOne demonstrated its capability by providing 100% technique detections across various operating systems, including Windows, Linux, and macOS.

The 2024 evaluation concentrated on significant threats, such as ransomware aimed at Windows and Linux systems and intricate multi-staged malware assaults on macOS with a focus on credential targeting.

These simulations offer detailed insights into how different security products perform against real-world cyber threats.

This year's MITRE evaluation incorporated significant changes, introducing false positives into the detection segment to simulate realistic conditions and discourage excessive alert generation.

Participants had to manage this complexity by maintaining a fine balance between detection accuracy and the generation of false positives.

Another notable shift in the testing protocol for 2024 was the operation of the consoles by MITRE's analysts themselves rather than by the vendors.

This adjustment was made to better reflect true operational environments and prevent any potential vendor bias, ensuring a more genuine representation of how these platforms would function in a real Security Operations Center.

Ric Smith, President, Product, Technology and Operations at SentinelOne, stated, "When it comes to defending against modern cyber attacks, three things matter: speed, accuracy and low noise, and SentinelOne's AI-powered approach delivers on each of them."

He further noted, "As validated by the latest evaluation, SentinelOne Singularity provides autonomous and comprehensive detection, out of the box, with zero delays across 100% of attacks, while eliminating noise and surfacing genuine threats."

"MITRE ATT&CK Evaluations have long been the gold standard, and we strongly believe that participation in these evaluations gives customers transparency they can trust, while driving vendors to focus their innovation on protecting customers from today's and tomorrow's real-world threats."
