Skip to main

Kaspersky in MITRE ATT&CK®

As cyberattacks grow more complex and persistent, understanding criminal techniques becomes key to effective enterprise cyber-defense. See how the MITRE ATT&CK methodology is used to evaluate Kaspersky’s performance.


MITRE ATT&CK® is an open knowledge database where attackers' arsenals and behaviors are collected and categorized by MITRE researchers, based on multiple real-world studies and threat reports. ATT&CK is a valuable framework for organizations seeking a better understanding of specific threats they may face.
Since 2018, MITRE has been evaluating cybersecurity products, based on the ATT&CK framework. In these evaluations, researchers emulate known adversary behaviors to reveal how each product detects the different steps of a targeted attack. There are no scores, rankings, or ratings in this evaluation. Instead, MITRE shows how each vendor approaches threat defense within the context of ATT&CK, so any organization can see the true capabilities of a security product in addressing its individual concerns.
In 2019, Kaspersky took part in MITRE ATT&CK Evaluation Round 2: our security products were tested against attack techniques of the APT29 threat group. Here you'll find the evaluation results and important comparative metrics, together with our views on MITRE methodologies.