F-Secure’s Detection and Response Capabilities Shine in 3rd MITRE Engenuity ATT&CK® Evaluation
April 2021 by Marc Jacob
F-Secure published its analysis of the company’s performance in MITRE Engenuity’s third ATT&CK® Evaluation. The evaluation pitted F-Secure’s detection and response capabilities against the tactics and techniques of Carbanak and FIN7 – two groups that have compromised financial services and hospitality organizations through the use of sophisticated malware and techniques, resulting in the theft of more than $1 billion across hundreds of businesses over the past five years.
Each year, MITRE Engenuity conducts independent evaluations of cyber security products to help government and industry make better decisions to combat security threats and improve the industry’s threat detection capabilities. In the past few months, 29 vendors participated in the Carbanak and FIN7 evaluations – up from the 12 key players that participated in the first ATT&CK Evaluation. The ATT&CK Evaluations team chose to emulate Carbanak and FIN7 because they target a wide range of industries for financial gain, whereas prior emulated groups were more focused on espionage. The MITRE Engenuity ATT&CK Evaluations team always balances previously tested techniques with untested techniques and variation to best capture how the defensive solutions are evolving to address a diverse set of threats.