Independent Testing Confirms 100 Percent Detection Rate of Major Steps in Emulated Carbanak and FIN7 Attacks; Two of the Most Advanced Cybercriminal Groups
BUCHAREST, Romania and SANTA CLARA, Calif. – April 22, 2021 – Bitdefender, a global cybersecurity leader, today announced it achieved the highest number of detections of the 29 participating cybersecurity vendors in MITRE Engenuity’s recent independent ATT&CK Evaluations for enterprise cybersecurity solutions. Bitdefender also achieved strong results in key areas including enabling efficient security operations and reducing alert fatigue by providing analytics insights for 96 percent of all detections and detecting 100 percent of attack techniques against Linux systems.
“This achievement further affirms Bidefender’s superiority in detecting behaviors, malware and tactics used by advanced cybergangs and nation-state threat actors before they gain a foothold into an organization,” said Dragos Gavrilut, director of cyber threat intelligence at Bitdefender. “Modern cybersecurity teams must first maximize preventing attacks, but also quickly detect and respond should a breach occur. As a security pioneer, Bitdefender has exceled for many years in providing organizations with solutions for all three critical capabilities.”
The ATT&CK Evaluations tested cybersecurity vendors for their ability to detect techniques and tactics of FIN7 and Carbanak, two well-known threat actors that have each demonstrated the ability to compromise financial service and hospitality organizations using advanced malware and stealth. Mapped against MITRE ATT&CK, a framework that has emerged as an industry gold standard for testing product effectiveness in detecting advanced adversaries, vendor participants were evaluated based on detection rates across 20 steps and 174 sub-steps in the framework’s attack kill chain from initial compromise through final stage of payment data theft.
Bitdefender results include:
- Highest number of detections — Bitdefender GravityZone led the field of vendor solutions with the highest number of detections across all attack steps and sub-steps within the MITRE ATT&CK framework (a result of 10 more detections than the next closest solution and nearly 50 percent greater than the average number of detections for all vendors evaluated).
- 100 percent visibility — Achieved not only 100 percent visibility and context for the major attack steps, but also provided analytic context for 96 percent of the sub-steps detected by Bitdefender.
- Exceptional Linux protection — Bitdefender detected 100 percent of attack techniques against Linux systems.
“Independent tests are extremely valuable for organizations navigating a complex cybersecurity vendor landscape,” said Steve Kelley, president and general manager of Bitdefender Business Solutions Group. “As attacks increase in both frequency and sophistication, in-depth frameworks like MITRE ATT&CK help guide decision-makers and technical evaluators since they are based on real-world cybersecurity scenarios that address not only the need for strong threat detection but other key challenges such as reducing alert fatigue and ensuring visibility across environments. We believe the MITRE ATT&CK results clearly demonstrate Bitdefender’s value in these areas.”
When considering all major MITRE ATT&CK 2021 test metrics (detection, analytics, telemetry, and visibility), Bitdefender provides a smart choice of platform and managed services to help organizations enhance cyber resilience with solutions that offer the highest rate of detection and actionable alerts. The company’s achievement is the latest MITRE ATT&CK Evaluation where the company outperformed other vendors, previously having achieved a 100 percent detection rate of APT 29, one of the world’s most formidable state-sponsored groups.
Additionally, Bitdefender was recently recognized as a “Top Player” for endpoint security in the Radicati Market Quadrants for Endpoint Security, 2020 and earned a perfect score for threat prevention in AV Comparatives’ Protection Test (Enhanced Real-World Test) for enterprise products.
Read more information and full results of the MITRE ATT&CK Evaluations.
About MITRE Engenuity ATT&CK Evaluations
MITRE Engenuity ATT&CK evaluations are paid for by vendors and are intended to help vendors and end-users better understand a product’s capabilities in relation to MITRE’s publicly accessible ATT&CK® framework. MITRE developed and maintains the ATT&CK knowledge base, which is based on real world reporting of adversary tactics and techniques. ATT&CK is freely available, and is widely used by defenders in industry and government to find gaps in visibility, defensive tools, and processes as they evaluate and select options to improve their network defense. MITRE Engenuity makes the methodology and resulting data publicly available so other organizations may benefit and conduct their own analysis and interpretation. The evaluations do not provide scores, ranks, or endorsements.
Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, business, and government environments, Bitdefender is the industry’s trusted expert* for eliminating threats, protecting privacy and data, and enabling cyber resiliency. With deep investments in research and development, Bitdefender Labs discovers 400 new threats each minute and validates 30 billion threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 150 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170 countries with offices around the world.
*Bitdefender has ranked #1 in 54% of all tests by AV-Comparatives 2018-2021 for real-world protection, performance, malware protection & advanced threat protection.