
MITRE ATT&CK EVALUATIONS

Key takeaways from Field Effect MDR’s evaluation results

Field Effect MDR demonstrated early, rapid threat detection and purposeful, clear alerting, which would've fully protected our customers had this simulated scenario been a true cyberattack. 

01

Instant identification of risk

Upon deployment, Field Effect MDR found and reported four risks that formed the basis of the attack. In a true event, Field Effect MDR would have worked with the client to address these, proactively protecting them from this type of attack.

02

Rapid threat detection

Field Effect MDR detected the very first sign of threat activity in only two minutes—with an overall 11-minute mean time to detect (MTTD)—ensuring no delay in remediation in a real-life scenario.

03

Purposeful alerting

Field Effect MDR is noise-free: despite detecting threat activity in all applicable steps, it reported only what businesses would need to know during an actual incident, with no duplicate or peripheral alerts and no impact on business continuity.

04

Clear, actionable language

Field Effect MDR reported actionable detections for 100% of steps in the attack, translating technical information into clear and actionable language that doesn’t require significant cybersecurity expertise to understand.
Horizontal bar chart with 15 steps, each with multiple substeps.

EVALUATION OVERVIEW

Field Effect MDR Results

Field Effect MDR detected threat activity only two minutes into the simulated attack, and identified four key risks before the evaluation even began.

Throughout the attack, which spanned 15 steps, Field Effect MDR consistently detected malicious behavior at the first stages of each step.

Had this been a true event, Field Effect MDR would have neutralized every step to halt the spread and prevent business disruption—effectively thwarting the attack early and protecting our customers 100%.

15+ cybersecurity tools listed, with only EDR and Intrusion detection highlighted as evaluated. Other tools include MDR, SIEM, SOC, etc.

Evaluation Methodology

About the ATT&CK Evaluation

The MITRE Engenuity ATT&CK Evaluation evaluated vendors’ abilities to detect and report 43 tactics and techniques out of a total of 174.

  • Evaluations focused on reported alerts versus overall detections.
  • Vendors could not block or defend against suspicious activity.
  • Alerts required specific terms and details better suited for those with an internal SOC.
  • Of the 15+ cybersecurity tools covered by Field Effect MDR, the evaluation focused on EDR, network monitoring, and intrusion detection. 
Horizontal bar chart showing 15 steps and multiple substeps. Field Effect reported on the first or second substep for all listed.

Our Approach

The evaluation vs our approach

While Field Effect MDR detected each step of the attack in its earliest stages, it's critical to note that the evaluation focused on vendors' abilities to report on adversarial behavior, not on end-user experience or threat detection and intervention capabilities.

So when assessing results, consider if the vendor:

  • Detected critical steps promptly to stop spread and disruption.
  • Can expeditiously stop threats, not just alert on their presence.
  • Alerts at a volume and with a level of clarity suitable for your team.

About Field Effect

The true power of Field Effect MDR

Our innovative approach makes Field Effect MDR ideal for the small and mid-sized enterprise market whose needs and expectations differ from those with internal cybersecurity teams.

For our SME and MSP clients looking to offload some or all of their cybersecurity burden, we’ll continue providing streamlined reporting and open communication—an intentionally different cybersecurity solution tailored specifically to their needs. 

Today, thousands of SMEs and the MSPs who support them benefit from:

  • Holistic protection of endpoints, network, and cloud
  • Jargon-free, noise-free alerts known as AROs
  • Real-time active response and blocking
  • Full two-way support and interaction to reduce complexity