CrowdStrike Breaks Speed Record in MITRE ATT&CK® Evaluation

BENGALURU, India. June 21, 2024 – CrowdStrike set a new speed benchmark for cybersecurity threat detection, identifying and alerting on a sophisticated eCrime adversary attack in just four minutes during the closed-book MITRE Engenuity’s ATT&CK® Evaluations: Managed Services-Round 2. CrowdStrike Falcon® Complete MDR operates at the speed of the adversary, detecting the security incident six to 11 times faster than competitive vendors, while scoring the highest in detection coverage.

Michael Sentonas

MITRE’s closed book evaluation emulated a real-world eCrime attack without giving the vendors prior knowledge of the threat scenario – creating the most accurate assessment of a vendor’s capabilities. In this scenario, prevention capabilities of the Falcon agent were not permitted and the Falcon platform was operating in detect-only mode, meaning no automated actions could be taken to kill processes. In this rigorous setting, CrowdStrike reported 42 out of the 43 adversary techniques. MITRE recorded CrowdStrike’s mean-time-to-detect (MTTD) – the average time between when a specific attack activity was performed and an email alert regarding that activity was received – at a record-breaking four minutes, setting a new benchmark for speed in threat detection.

“Stopping breaches requires security teams to operate at the speed of the adversary. The Falcon platform’s unique cloud-born, AI-native architecture with one intelligent sensor delivers the best analyst experience and the fastest, most effective cybersecurity outcomes in the industry,” said Michael Sentonas, President of CrowdStrike. “Multiple platforms and stitched-together solutions are hard to use, create operational complexity, and slow security teams down when speed matters most. This is evident in testing scenarios and even more so in real-world environments. The powerful combination of CrowdStrike’s elite team of experts, the Falcon platform, and our knowledge of the adversary is unmatched in delivering the speed and efficacy needed to stop breaches.”