MITRE has released its latest findings from the ATT&CK Evaluations, focusing on enterprise cybersecurity solutions. The evaluations offer an independent assessment, using the MITRE ATT&CK knowledge base to analyze two threat areas: Windows emulations with common ransomware behaviors and macOS emulations reflecting North Korea's evolving malware tactics.
In this round, MITRE expanded its evaluation to include insights into efficiency and false positive rates. “The evidence-based results of the evaluations are a valuable resource for organizations in determining which cybersecurity solutions best address their needs,” said William Booth, general manager of ATT&CK Evals at MITRE.
The evaluation process highlighted ransomware as a significant global cyber threat, focusing in particular on variants such as LockBit and CL0P, which showcase behaviors prevalent within the malware ecosystem.
Notably, North Korea is recognized as a significant cyber threat, increasingly targeting macOS systems to enhance its capabilities. The latest round incorporates Protection micro emulations to assess how cybersecurity solutions can defend against post-compromise attacks.
Participating vendors include AhnLab, Bitdefender, Cisco Systems, Microsoft, Palo Alto Networks, and many others. Unlike traditional rankings, the evaluations provide insights that help organizations identify solutions tailored to their specific cybersecurity gaps.
Detailed results are available at MITRE's evaluation site.