Insights from the 2024 MITRE Engenuity ATT&CK® Evaluations for Managed Services




Insights from the 2024 MITRE Engenuity ATT&CK® Evaluations for Managed Services are out. And so are the marketing claims. Cut through the marketing to understand what the evaluations actually covered and the metrics that matter: actionability, alert fidelity, and coverage. 

The 2024 ATT&CK Evaluations for security service providers tested participating cybersecurity vendors in a ‘closed book’ version of adversary emulation using tactics, techniques and procedures (TTPs) of BlackCat/ALPHV, a prolific ransomware-as-a-services (RaaS) group, and menuPass (aka APT10), an advanced threat actor focused on espionage targeting an array of industries including healthcare, manufacturing and government. The evaluations emulated a multi-subsidiary compromise with overlapping operations focusing on defense evasion, exploiting trusted relationships, data encryption, and inhibiting system recovery across both Windows and Linux environments. 

Each of the 11 participating MDR vendors was evaluated based on understanding of emulated BlackCat and menuPass activities across 43 total steps in the framework’s attack kill chain from initial compromise through the final stage. Participants leveraged a self-supplied toolset to enable their detection capabilities and provide the relevant analysis in the same format they provide to customers.  

Watch the webinar to: 

  • Understand the MITRE Engenuity ATT&CK® Evaluations for Managed Services 
  • Interpret the data, identify the key metrics, and sort out the results  
  • Leverage the evaluation and results in helping you select an MDR partner 




Dragos Gavrilut

VP of Threat Research



Tyler Baker

Senior Manager, Global Security Operations 



Josh Armstrong

Manager, Global SOC



Richard De La Torre

Manager, Technical Product Marketing