SentinelOne Leads 2020 MITRE ATT&CK Evaluation as Only Vendor to Deliver 100% Visibility

SentinelOne, the autonomous cybersecurity platform company, today released its results from the 2020 MITRE Engenuity ATT&CK Carbanak+FIN7 Enterprise Evaluation. Out of the 29 endpoint vendors evaluated, SentinelOne was the only vendor to achieve complete visibility with zero missed detections across both Windows and Linux environments. SentinelOne had no delayed detections, no configuration changes, and had the most complete analytic detections out of all tested products — showcasing the capabilities of AI-powered technology in combating sophisticated threat actors.

Key MITRE evaluation results include:

• SentinelOne is the only vendor to deliver 100% visibility with zero missed detections across all tested operating systems. Visibility is the foundation to best-in-class EDR and big data expertise is vital to unlocking visibility. Singularity delivered a comprehensive view of the entire enterprise, detecting every attack autonomously at machine speed.
• SentinelOne delivered the most high-quality analytic detections to provide automated and instant context. SOC teams are overwhelmed with alerts and data, making it impossible to respond fast enough on the critical alerts that matter. Singularity provides automated, real-time correlation and context so analysts can focus on signals instead of noise.
• SentinelOne experienced zero delayed detections. Adversaries operating at high speed must be countered with machine speed automation that’s not subject to human-powered latency. Singularity delivers contextualized detections as they occur, in real-time and makes it easy for any analyst to interpret results.
• SentinelOne required zero configuration changes, making EDR effortless. Constantly adjusting and tuning a product means the battle is lost before it starts. Technology powered solutions should work at enterprise-scale right out-of-the box. Singularity deploys in seconds and instantly works at full capacity.
• SentinelOne produced one alert per targeted device. Even the most skilled analysts struggle to manually connect the dots when defending against advanced attacks. Consolidating hundreds of data points across a 48-hour advanced campaign, SentinelOne Storyline correlated the attack into a single alert per targeted machine. Singularity automatically transforms complex and messy data into a clear, precise story.

“MITRE Engenuity ATT&CK is the most objective and definitive test to measure EDR capability.  SentinelOne’s Singularity has set the standard for visibility, which is absolutely crucial for detection and response” said Raj Rajamani, Chief Product Officer, SentinelOne. “The threat landscape is evolving at an exponential rate and crowd-powered solutions simply can’t keep up, leaving enterprises at risk. Singularity’s performance in this year’s Carbanak+FIN7 Emulation highlights our commitment to preventing breaches from happening in the first place with proactive and real-time autonomous cybersecurity on every edge of the enterprise.”

SentinelOne was one of the first endpoint companies to correlate alerts in-product with the MITRE ATT&CK framework, embrace the MITRE ATT&CK Endpoint Protection Product Evaluation, and incorporate the MITRE ATT&CK framework as the new threat hunting standard, demonstrating the company’s leadership in providing technology delivered threat context and visibility within the MITRE framework.