Independent Testing Confirms 100 Percent Detection Rate of Major Steps in Emulated Attacks by Carbanak and FIN7, Two of the Most Advanced Cybercriminal Groups
Bitdefender, a global cybersecurity leader, today announced it achieved the highest number of detections of the 29 participating cybersecurity vendors in MITRE Engenuity’s recent independent ATT&CK Evaluations for enterprise cybersecurity solutions. Bitdefender also achieved strong results in key areas including enabling efficient security operations and reducing alert fatigue by providing analytics insights for 96 percent of all detections and detecting 100 percent of attack techniques against Linux systems.
“This achievement further affirms Bitdefender’s superiority in detecting behaviors, malware and tactics used by advanced cybergangs and nation-state threat actors before they gain a foothold into an organization,” said Dragos Gavrilut, director of cyber threat intelligence at Bitdefender. “Modern cybersecurity teams must first maximize preventing attacks, but also quickly detect and respond should a breach occur. As a security pioneer, Bitdefender has excelled for many years in providing organizations with solutions for all three critical capabilities.”
The ATT&CK Evaluations tested cybersecurity vendors for their ability to detect techniques and tactics of FIN7 and Carbanak, two well-known threat actors that have each demonstrated the ability to compromise financial service and hospitality organizations using advanced malware and stealth. Vendor participants were mapped against MITRE ATT&CK, a framework that has emerged as an industry gold standard for testing product effectiveness in detecting advanced adversaries, and were evaluated based on detection rates across 20 steps and 174 sub-steps in the framework’s attack kill chain, from initial compromise through the final stage of payment data theft.
Bitdefender results include:
- Highest number of detections — Bitdefender GravityZone led the field of vendor solutions with the highest number of detections across all attack steps and sub-steps within the MITRE ATT&CK framework (a result of 10 more detections than the next closest solution and nearly 50 percent greater than the average number of detections for all vendors evaluated).
- 100 percent visibility — Achieved not only 100 percent visibility and context for the major attack steps, but also provided analytic context for 96 percent of the sub-steps detected by Bitdefender.
- Exceptional Linux protection — Bitdefender detected 100 percent of attack techniques against Linux systems.
“Independent tests are extremely valuable for organizations navigating a complex cybersecurity vendor landscape,” said Steve Kelley, president and general manager of Bitdefender Business Solutions Group. “As attacks increase in both frequency and sophistication, in-depth frameworks like MITRE ATT&CK help guide decision-makers and technical evaluators since they are based on real-world cybersecurity scenarios that address not only the need for strong threat detection but other key challenges such as reducing alert fatigue and ensuring visibility across environments. We believe the MITRE ATT&CK results clearly demonstrate Bitdefender’s value in these areas.”
When considering all major MITRE ATT&CK 2021 test metrics (detection, analytics, telemetry, and visibility), Bitdefender provides a smart choice of platform and managed services to help organizations enhance cyber resilience with solutions that offer the highest rate of detection and actionable alerts. This is the latest MITRE ATT&CK Evaluation in which the company outperformed other vendors; it previously achieved a 100 percent detection rate of APT 29, one of the world’s most formidable state-sponsored groups.
Additionally, Bitdefender was recently recognized as a “Top Player” for endpoint security in the Radicati Market Quadrants for Endpoint Security, 2020 and earned a perfect score for threat prevention in AV-Comparatives’ Protection Test (Enhanced Real-World Test) for enterprise products.