Not Just Another 100% Score: MITRE ENGENUITY ATT&CK

Complete detection on all major steps

The most recent MITRE Engenuity ATT&CK evaluations for managed services featured attacks modeled on real-world adversaries menuPass and BlackCat/AlphV. These took the form of advanced persistent threats (APTs) designed to remain on the network after the breach and execute harmful activities over time.

Trend MDR achieved full detection coverage, reflecting and reinforcing our cybersecurity achievements:

  • 100% on all major attack steps
  • 100% for rich details about TTP
  • 86% actionable rate for important steps

What Trend MDR offers

To put its evaluation of MDR into context, MITRE Engenuity conducted a survey prior to the test, gaining insight into market perceptions and expectations of managed cybersecurity services. More than half (58%) of respondents said they rely on managed services to complement their internal SOC or as their primary line of defense. For companies with fewer than 5,000 employees, that figure rose to 68%.

Our MDR service at Trend helps meet those needs by combining AI techniques with human threat analysis and expertise. We correlate data and detect threats that might otherwise go unnoticed as lower severity alerts. Our experts prioritize threats by severity, determine the root cause of attacks, and develop detailed response plans.

xdr networks and operational technologies (OT).

Integrated with native XDR insights is deep, global threat intelligence. Native telemetry enables high-fidelity detections, strong correlations, and rich context; global threat intelligence provides highly relevant context to detect threats more quickly and accurately. Combined with a broad ecosystem of third-party integration and response automation across all vectors, Trend Vision One provides a full-spectrum SOC platform for security teams to accelerate investigations and free up time to focus on proactive, high-value security work, including threat hunting and detection engineering. In some cases, smaller teams rely entirely on our MDR service for their security operations.

With Trend Vision One, teams have access to a constantly growing and updating library of detection models, with the ability to create custom detection models that fit their unique threat models.

Proven strength in delivering more trusted alerts

Security and security operations center (SOC) teams are inundated with detections and noisy alerts. Our visibility and analysis performance strikes a fine balance between providing early warnings of critical adversary tactics and techniques and managing alert fatigue to improve the analyst experience. Our MDR operations team takes advantage of the platform and knows to alert clients only when it is critical.

In every simulation during the MITRE Engenuity ATT&CK evaluations, there were no scenarios in which the menuPass and BlackCat/AlphV attack attempts successfully breached the environment without being detected or disrupted.

It is important to note that MITRE Engenuity does not rate products or solutions. It provides objective measures but not scores. Instead, since each service and solution works differently, the evaluation reveals areas of strength and opportunities for improvement within each offering.

About the attacks

The menuPass threat group has been active since at least 2006. Some of its members have been associated with the Tianjin State Security Bureau of China's Ministry of State Security and the Huaying Haitai Science and Technology Development Company. It has focused on healthcare, defense, aerospace, financial, maritime, biotech, energy and government targets, and in 2016-2017 went after managed IT service providers.

BlackCat is a Rust-based ransomware offered as a service and was first observed in November 2021. It has been used to attack organizations in Africa, the Americas, Asia, Australia, and Europe across a variety of sectors.

Testing our service

In cybersecurity, actions speak louder than words. Our significant investment in research and development extends to our MDR service offering to support thousands of businesses around the world.

We are dedicated to continuous iteration and improvement to equip security teams with cutting-edge solutions to keep their organizations safe. As we evolve our solutions, MITRE Engenuity also continues to evolve its assessment approach. The "actionability" category was new to this assessment; it determined whether each alert provided enough context for the security analyst to act. The actionability testing category is an area where we are investing heavily from a process and technology standpoint to ensure contextual awareness, prioritization and intelligent targeting are included while maintaining manageable communication cadences. False positive alerts are minimized.

Overall, the areas of improvement that emerged through the test scenarios have involved dedicated engineering and development efforts to match the high standard we maintain and that our users expect. We are pleased to see that our MDR service demonstrated a strong balance of detection capabilities across the attack chain, both within the service itself and integrated into the underlying Trend Vision One platform.

We invite all of our MDR clients to take a look at MITRE Engenuity's ATT&CK assessments for managed services to better understand the strength of their defensive posture and to come to us with any questions or ideas.

Next steps

For more information on Trend MDR, XDR, and other related topics, check out these additional resources:
