SentinelOne, a provider of an automated cybersecurity platform, presented its results from the MITRE Engenuity ATT&CK Carbanak + FIN7 Enterprise Evaluation 2020.
Of the 29 endpoint vendors analyzed, SentinelOne was the only one to achieve complete visibility, detecting all threats within both Windows and Linux environments. SentinelOne showed no delays in detections, did not undergo any configuration changes and achieved more complete analytic detections than all the other products tested, demonstrating the potential of AI-powered technology in countering the most sophisticated attacks.
Key data emerging from the MITRE evaluation highlighted that:
- SentinelOne is the only vendor that offers 100% visibility, detecting all threats present in all tested operating systems. To develop best-in-class EDR, visibility is the primary requirement, achievable only through solid big data skills. Singularity provided a comprehensive view of the entire enterprise, autonomously detecting any type of attack at machine speed.
- SentinelOne provided best-in-class analytics, ensuring complete, automated and immediate context. Due to the large amount of alerts and data they receive, Security Operations Center (SOC) teams often fail to respond promptly to threats that require rapid intervention. Singularity provides a complete picture and correlation of data, automated and in real time, to allow analysts to focus on the most harmful threats.
- SentinelOne did not experience any delays in detections. Hackers, accustomed to operating quickly, must be countered through automated and fast solutions, avoiding the latency of manual work. Singularity provides real-time, contextualized findings as they occur, making it easier for any analyst to interpret the results.
- SentinelOne required no configuration changes, making EDR easier. Constantly adapting and configuring a device is losing the battle before it even begins. Any technology solution should work enterprise-wide right out of the box. Singularity installs in seconds and runs at full capacity immediately.
- SentinelOne produced an alert for each targeted device. When defending against advanced attacks, even the most experienced analysts find it difficult to manually manage these threats. By consolidating hundreds of data points across an advanced 48-hour campaign, SentinelOne Storyline encoded the attack in a single alert for each affected device. Singularity automatically transforms complex, messy data into a clear, precise view.
"MITRE Engenuity ATT&CK is the most objective and comprehensive test to measure the potential of EDR. SentinelOne's Singularity has set the standard for visibility, which is a critical requirement for detection and response," said Raj Rajamani, Chief Product Officer at SentinelOne. "The threat landscape is evolving at an exponential rate and crowd-powered solutions cannot keep pace, putting enterprises at risk. Singularity's performance in this year's Carbanak+FIN7 Emulation highlights our commitment to preventing breaches by implementing autonomous, proactive, real-time cybersecurity across all enterprises and edge environments," Rajamani concludes.
SentinelOne was one of the first endpoint security companies to correlate alerts within the product with the MITRE ATT&CK framework, taking the latter as the new threat hunting standard, and the first to adopt the MITRE ATT&CK Endpoint Protection Product Evaluation, demonstrating the company's leadership in providing a complete threat picture and visibility within the MITRE framework.
To learn more about SentinelOne's performance in the 2020 MITRE Engenuity ATT&CK evaluation, see www.sentinelone.com/lp/mitre/






