MITRE Engenuity ATT&CK Evaluations Highlight Check Point Software’s as a Leader in Endpoint Security with 100% Detection Across all Attack Steps

Check Point® Software Technologies Ltd., a leading provider of cyber security solutions globally,  announced that for the second consecutive year, Harmony Endpoint has been recognized a leader in MITRE Engenuity ATT&CK® Evaluations for delivering the most comprehensive threat detection and visibility. MITRE Engenuity’s Evaluation results highlight Check Point Harmony Endpoint’s ability to immediately and automatically block, remediate, and recover from ransomware and other cyber threats before the damage spreads. At the same time, security teams can use the solution to accurately detect threats, investigate, and respond to them, effectively leveraging the industry’s most comprehensive correlation with the MITRE ATT&CK® framework.

Harmony Endpoint delivered 100% detection of all attack steps with the highest Technique detection level and zero delays in alerting detections. The solution provided 98% detection rate for APT Spider Wizard. These results underscore Check Point’s commitment to provide the highest level of accuracy and contextualized visibility into real-world cyber threats, all while providing autonomous detection and response.

For this evaluation, MITRE Engenuity tested 30 endpoint security providers and their products. Vendors were evaluated over a MITRE-developed knowledge base of adversary tactics and techniques based on real-world observations. This year, MITRE Engenuity tested vendors’ ability to detect attack techniques employed by Wizard Spider, a financially motivated criminal group, and Sandworm, a Russian threat group known for targeting of Ukrainian electrical companies and NotPetya attacks. These two threat actors were chosen based on their complexity, relevance to the market, and how well MITRE Engenuity’s staff could fittingly emulate the adversary.

“The sophistication and frequency of attacks has increased dramatically over the past year, reaching new peaks. In this reality, organizations should adopt a threat-informed security strategy. MITRE Engenuity ATT&CK® Evaluations help them achieve that by evaluating cybersecurity solutions’ ability to defend against real-world cyberattacks and threat groups,” said Ofir Israel, Vice President of Threat Prevention at Check Point Software Technologies. “Endpoint security plays a crucial role in protecting the hyper distributed workspace. The latest ATT&CK® Evaluations results highlight Check Point Harmony Endpoint’s leadership for the 2^nd consecutive year, as an industry-leading threat detection and full attack visibility capabilities. Harmony Endpoint’s customers get all the endpoint protection they need against all imminent threats like ransomware, malware, phishing while enjoying robust detection and response capabilities at the best TCO.”

“This latest round indicates significant product growth from our vendor participants. We are seeing greater emphasis in threat informed defense capabilities, which in turn has developed the infosec community’s emphasis on prioritizing the ATT&CK Framework,” said Ashwin Radhakrishnan, acting General Manager of ATT&CK Evaluations at MITRE Engenuity.

Key highlights from the test include:

• Harmony Endpoint delivered the highest technique detection level with 100% detection of attack steps
• Harmony Endpoint delivered the most extensive visibility and context across 100% of Sub-Step detection. In 98% of sub steps detected, delivered the highest technique detection level providing additional data enrichment to help user thoroughly understand the attack
• Harmony Endpoint provided 98% detection for financial advanced persistent threat (APT) Wizard Spider, responsible for notorious malwares such as Emotet, Trickbot, and Ryuk
• Check Point provided immediate alerts with zero delays in all its detections

For full results and more information about the evaluations, please visit: https://attackevals.mitre-engenuity.org/enterprise/wizard-spider-and-sandworm/.