Independent Evaluation of Multiple Vendors Reveals Superior Effectiveness and Reporting Capabilities of Bitdefender Managed Detection and Response Services
Bitdefender, a global cybersecurity leader, announced it achieved 100% coverage of steps in the first MITRE Engenuity ATT&CK Evaluation for Managed Services, an evaluation of 16 participating cybersecurity vendors in their ability to analyze and describe adversary behavior. In addition to complete coverage of steps in the MITRE ATT&CK kill chain (the industry gold standard framework for understanding how attacks work), Bitdefender also delivered concise curated reports with actionable insights to minimize alert fatigue and enhance security team’s ability to quickly and effectively respond.
“Organizations can use the evaluations to determine which service providers best address their cybersecurity gaps and fit their particular business needs.”
“Our ability to identify attack techniques of advanced adversaries during rigorous real-world tests like MITRE Engenuity validates Bitdefender’s position as a trusted leader in managed detection and response (MDR) services,” said Andrei Florescu, deputy general manager and senior vice president of products at Bitdefender Business Solutions Group. “Beyond effective threat detection, the MITRE ATT&CK Evaluations for Managed Services also revealed that Bitdefender limits unnecessary noise with curated reports and actionable alerts which is what security teams need to quickly take action.”
The 2022 ATT&CK Evaluations for security service providers tested participating cybersecurity vendors in a ‘closed book’ version of adversary emulation using tactics, techniques and procedures (TTPs) of OilRig. Also known as APT34, OilRig is a notorious adversary associated with the Iranian government and relies heavily on social engineering, stolen credentials, and attacks against the supply chain to steal sensitive data and carry out espionage campaigns against critical infrastructure, military, financial services, government and telecommunication operators. This threat actor was chosen based on its evasion and persistence techniques, its complexity and relevancy to industry.
Each participant was evaluated based on understanding of emulated OilRig activity across 10 total steps in the framework’s attack kill chain from initial compromise through the final stage. Participants leveraged a self-supplied toolset to enable their detection capabilities and provide the relevant analysis in the same format they provide to customers.
MITRE Engenuity evaluated Bitdefender Managed Detection and Response (MDR), a managed security service that provides 24×7 continuous threat monitoring and response, intelligence-based threat hunting and elite expertise housed in a fully staffed security operations center (SOC) to help augment organizations with limited cybersecurity resources.
Complete Coverage of Attack Techniques — Bitdefender MDR reported malicious activity across all 10 MITRE ATT&CK® steps for OilRig including the identification of anomalous adversarial behavior and context of how the attack was performed.
Outstanding Actionable Reporting — Bitdefender MDR demonstrated concise curated reporting summarizing malicious activities with actionable recommendations. The attention to short digestible reporting helps minimize alert fatigue allowing security teams to pinpoint and eliminate threats faster.
Powerful Native Technology Stack — Bitdefender MDR achieved its favorable testing results leveraging a native technology stack that serves as a cornerstone for the company’s entire security portfolio. Customers seamlessly integrate threat prevention, endpoint detection and response (EDR) and extended detection and response (XDR) into MDR services without requiring costly add-ons.
“More than half of organizations use security service providers to protect their data and networks. We wanted to research how they are employing threat-informed defense practices for their clients,” said Ashwin Radhakrishnan, general manager, ATT&CK Evaluations, MITRE Engenuity. “Organizations can use the evaluations to determine which service providers best address their cybersecurity gaps and fit their particular business needs.”