CrowdStrike detects advanced adversary attack in real-world, closed-book simulation in just four minutes, six to 11 times faster than competitive vendors; scores highest in detection coverage
CrowdStrike set a new speed benchmark for cybersecurity threat detection, identifying and alerting on a sophisticated eCrime adversary attack in just four minutes during the closed-book MITRE Engenuity’s ATT&CK Evaluations: Managed Services-Round 2. CrowdStrike Falcon Complete MDR operates at the speed of the adversary, detecting the security incident six to 11 times faster than competitive vendors, while scoring the highest in detection coverage.
MITRE’s closed-book evaluation emulated a real-world eCrime attack without giving the vendors prior knowledge of the threat scenario – creating the most accurate assessment of a vendor’s capabilities. In this scenario, prevention capabilities of the Falcon agent were not permitted and the Falcon platform was operating in detect-only mode, meaning no automated actions could be taken to kill processes. In this rigorous setting, CrowdStrike reported 42 out of the 43 adversary techniques. MITRE recorded CrowdStrike’s mean-time-to-detect (MTTD) – the average time between when a specific attack activity was performed and an email alert regarding that activity was received – at a record-breaking four minutes, setting a new benchmark for speed in threat detection.
“Stopping breaches requires security teams to operate at the speed of the adversary. The Falcon platform’s unique cloud-born, AI-native architecture with one intelligent sensor delivers the best analyst experience and the fastest, most effective cybersecurity outcomes in the industry,” said Michael Sentonas, President of CrowdStrike. “Multiple platforms and stitched-together solutions are hard to use, create operational complexity, and slow security teams down when speed matters most. This is evident in testing scenarios and even more so in real-world environments. The powerful combination of CrowdStrike’s elite team of experts, the Falcon platform, and our knowledge of the adversary is unmatched in delivering the speed and efficacy needed to stop breaches.”
Additional Resources
- To learn more about how CrowdStrike achieved highest detection coverage scores and set the benchmark in threat detection time, read our blog.
- For full results and more information about the evaluations, visit here.
- To register for the CrowdStrike CrowdCast on the MITRE ATT&CK Evaluation: Managed Services on June 27, visit here.
According to the latest MITRE Engenuity ATT&CK Evaluation, CrowdStrike's AI platform detects security breaches six to eleven times faster than its competitors in the cyber industry.
For companies, it is more important today than ever to keep pace with the speed of attackers, because the average breakout time is now only 2 minutes and 7 seconds.
CrowdStrike is the only vendor able to keep pace with attackers, not only in terms of speed but also in terms of overall detection, where it has the highest detection rate at 98% (42 of 43 adversary techniques).