Sophos Intercept X with XDR Impresses in MITRE Engenuity ATT&CK® Evaluations, Detecting 99% of Adversary Behaviors

Sophos’ Intercept X with XDR has excelled in MITRE Engenuity ATT&CK® Evaluations, detecting 99% of adversary behaviors and accurately identifying 141 out of 143 adversary attack steps. This achievement highlights the solution’s robust cybersecurity capabilities and its potential to enhance threat detection and response in the ever-evolving landscape of cyber threats.
25 September 2023 – Sophos, a global cybersecurity-as-a-service leader, has celebrated impressive results in the recent MITRE Engenuity ATT&CK® Evaluations. The company’s Sophos Intercept X, combined with Extended Detection and Response (XDR), demonstrated exceptional capabilities by detecting 99% of adversary behaviors in the evaluation, accurately identifying 141 out of 143 adversary attack steps.

The MITRE Engenuity ATT&CK® Evaluations are highly regarded for assessing cybersecurity solutions’ effectiveness in identifying and mitigating threats. Sophos’ Intercept X with XDR stood out with its comprehensive Endpoint Detection and Response (EDR) and XDR features, providing critical insights into the “what,” “why,” and “how” of attacker behaviors. This comprehensive approach allows security professionals to understand the attack lifecycle, enabling swift and effective responses.

Moreover, Sophos Intercept X with XDR excelled by recording rich analytical data for 98% of the substeps outlined in the ATT&CK Evaluations. This level of detail empowers security teams to have a deeper understanding of the attack techniques employed by adversaries.

Sophos’ President and Chief Technology Officer, Joe Levy, emphasized the importance of robust cybersecurity solutions, particularly in the face of increasingly sophisticated adversaries. He highlighted that Sophos meticulously designs its solutions to empower security operators with superior protection, detection, and response capabilities. These capabilities help organizations fend off known and unknown threats before they escalate into devastating attacks. The MITRE evaluation results serve as a testament to the real-world security strength of Sophos.

In this round of independent ATT&CK Evaluations, 30 vendors were assessed for their ability to detect and analyze the tactics, techniques, and procedures (TTPs) employed by Turla, a renowned Russia-based threat group known for its innovative evasion tactics and custom tools. Turla’s activities span a wide range of sectors, including government, critical infrastructure, and education.

Amy Robertson, MITRE cyber threat intelligence lead for ATT&CK Evals, noted the complexity of Turla’s operations, highlighting their platform diversity, dynamic stealth tactics, and layered persistence techniques. The MITRE evaluations aim to provide end-users and purchasers with impartial insights into product capabilities for detecting advanced adversary behaviors while collaborating with vendors to enhance their products.

Sophos Intercept X with XDR integrates several active adversary mitigation features, such as Adaptive Attack Protection, which immediately triggers heightened defenses upon detecting hands-on-keyboard attacks. This proactive approach grants defenders precious extra time to respond effectively. The solution also includes anti-ransomware technology, deep learning artificial intelligence, and exploit prevention mechanisms.

Powered by Sophos X-Ops threat intelligence, a collaborative task force of over 500 security experts within SophosLabs, Sophos SecOps, and SophosAI, Sophos Intercept X with XDR continues to deliver cutting-edge protection against evolving cyber threats.

Author: Terry KS