Kaspersky in MITRE ATT&CK®

As cyberattacks grow more complex and persistent, understanding criminal techniques becomes key to effective enterprise cyber-defense. See how the MITRE ATT&CK methodology is used to evaluate Kaspersky’s performance.

    Round 2 (APT29) evaluation results

    MITRE ATT&CK® is an open knowledge database where attackers' arsenals and behaviors are collected and categorized by MITRE researchers, based on multiple real-world studies and threat reports. ATT&CK is a valuable framework for organizations seeking a better understanding of specific threats they may face.
    Since 2018, MITRE has been evaluating cybersecurity products based on the ATT&CK framework. In these evaluations, researchers emulate known adversary behaviors to reveal how each product detects the different steps of a targeted attack. There are no scores, rankings, or ratings in this evaluation. Instead, MITRE shows how each vendor approaches threat defense within the context of ATT&CK, so any organization can see the true capabilities of a security product in addressing its individual concerns.
    In 2019, Kaspersky took part in MITRE ATT&CK Evaluation Round 2: our security products were tested against attack techniques of the APT29 threat group. Here you'll find the evaluation results and important comparative metrics, together with our views on MITRE methodologies.


    Round 2 Evaluation Results

    See how Kaspersky performs against APT29 techniques in the ATT&CK evaluation


    Round 2: Visual Perspective

    See how Kaspersky looks against other participating vendors


    Round 2: Our Configuration

    More details about the Kaspersky solution used in ATT&CK Evaluation


    ATT&CK Evaluation: Insights

    Learn about the methodology specifics, for better understanding of results


    What's behind APT29?

    How they attack: the story of our hunt for the CozyDuke criminal group


    Visiting MITRE

    Find out what being evaluated actually feels like


    Mapping EDR to ATT&CK

    See how Kaspersky EDR maps its findings to the MITRE techniques


    ATT&CK in MDR services

    How effective is the MITRE matrix in security operations?


    ATT&CK in APT Reports

    Outsmart your adversaries with Kaspersky Threat Intelligence


    ATT&CK for ICS: Industroyer

    See how Kaspersky Industrial CyberSecurity deals with an Industroyer-based APT
