Cisco Secure Endpoint Shines in the 2020 MITRE® Engenuity ATT&CK Evaluation

What industries do hackers primarily target for profit? Financial services should come as no surprise, but the hospitality industry is also up there. That’s why MITRE Engenuity focused on hacker groups Carbanak and FIN7 in the 2020 ATT&CK® Evaluation. Both groups are well known and launch highly sophisticated attacks against these and other industries, stealing more than $1 billion over the past five years, according to MITRE Engenuity.

That’s exactly why we jumped at the chance to participate in this year’s Evaluation with Cisco Secure Endpoint. And now, we’re thrilled to share how it performed in MITRE Engenuity’s extensive testing. Here are the MITRE ATT&CK tactics where Secure Endpoint shines.

Overall, Cisco delivered solid results in the assessment


    • Lateral Movement: Cisco Secure Endpoint recognized and stopped lateral movement automatically. Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network.

    • Execution: Cisco Secure Endpoint’s advanced telemetry recognized and stopped suspicious file execution without human intervention. Execution consists of techniques that result in adversary-controlled code running on a local or remote system.

    • Privilege Escalation & Defense Evasion: Cisco Secure Endpoint identified unauthorized privilege escalation and discovered defense evasion techniques. Privilege escalation consists of techniques that adversaries use to gain higher-level permissions on a system or network. Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses.

Cisco Secure Endpoint Innovations on display in this year’s ATT&CK Evaluations

Behavioral Protection

Our newest innovation is behavioral protection, extending the depth of Secure Endpoint’s advanced prevention engine. Behavioral protection monitors all user and endpoint activity to protect against malicious behavior in real-time by matching a stream of activity records against a set of attack activity patterns that are dynamically updated as threats evolve. This addition accounted for over 38% of the contributions to our findings during the evaluation.

Orbital Advanced Search

Another new addition, Orbital Advanced Search, was a key contributor to the evaluation results as well. Orbital Advanced Search combines live search with forensics snapshots to run complex queries on endpoints and capture snapshots of data such as running processes, open network ports, and a lot more at the time of detection or on-demand. These actions run from a catalog of hundreds of predefined queries that are organized as common use cases and mapped to the MITRE ATT&CK knowledge base.

Cisco Secure Endpoint and MITRE ATT&CK: Why it matters to CISOs right now


Securing your endpoints has never been more important, and you need endpoint security you can trust. As the largest cybersecurity provider in the world, a key investment area across the broadest set of security solutions offered by Cisco is Secure Endpoint. Cisco Secure Endpoint is security that works for the secure remote worker, SASE, XDR, and Zero Trust architecture. And we are the only endpoint security solution with a cloud-native, built-in platform, Cisco SecureX, delivering XDR capabilities and more for better threat visibility, more intelligent investigations, and faster response.

Beyond MITRE ATT&CK, Secure Endpoint consistently outperforms in endpoint prevention, detection, and response evaluations. Here’s how (2020 AV-Comparatives Endpoint Prevention and Response Testing).

    • Active Response / Prevention: cumulative active response rate of 98.0%


    • Passive Response: cumulative passive response rate of 100%


    • Qualifies as High Enterprise Savings: the average of both active and passive response is greater than 95% of the overall EPR product response



Cisco has been named a leader in endpoint security



    • Leader in IT Central Station’s EPP and EDR categories.



Cisco Secure Endpoint has proven to deliver real results, real ROI for our customers

See it for yourself

We know what you are facing: a world where malware is evolving, and threats are becoming harder and harder to detect. The most advanced and riskiest threats, those that will eventually enter and wreak havoc in your network, could potentially go undetected. However, Secure Endpoint provides comprehensive protection against any threat. This security software prevents breaches, blocks malware at the point of entry, and continually monitors and analyzes file and process activity to rapidly detect, contain, and remediate threats that can evade front-line defenses.

To learn more about Cisco Secure Endpoint and see for yourself how it protects you against today’s threats, join our virtual threat hunting workshop or sign up for a free trial.


