SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Rapid7 MDR Excels in MITRE Engenuity ATT&CK Evaluations
Fri, 11th Nov 2022

Rapid7, a firm providing cloud risk and threat detection, has announced the final results of the 2022 MITRE Engenuity ATT&CK Evaluations of Rapid7 managed detection and response (MDR) services.

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. It brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve.

In the simulated incident, Rapid7 MDR demonstrated early detection of threats and complete coverage across the cyber attack chain, and the artifacts collected highlighted rich reporting and engagement throughout.

This round of independent ATT&CK Evaluations for security service providers emulated the OilRig threat group. 

According to MITRE Engenuity, OilRig “was chosen based on its evasion and persistence techniques, its complexity, and its relevancy to industry.” 

Rapid7 MDR excelled at identifying the earliest indicators of attack, having reported techniques across all ten steps of the attack simulation.

“Cybersecurity professionals and industry stakeholders rely on MITRE Engenuity ATT&CK Evaluations to benchmark vendors’ efficacy and effectiveness for advanced attack detection in real-world scenarios,” says Jeremiah Dewey, Senior Vice President of Managed Services Delivery, Rapid7.

“We are thrilled to participate in this first-ever evaluation of managed services, as it gives a wider audience visibility into how a real-world incident plays out with Rapid7 MDR.”

“More than half of organisations use security service providers to protect their data and networks. We wanted to research how they are employing threat-informed defence practices for their clients,” adds Ashwin Radhakrishnan, Acting General Manager of ATT&CK Evaluations, MITRE Engenuity.

Rapid7 MDR blends the necessary people, expertise, processes, and technology to rapidly detect, analyse, investigate, validate, and respond to threats across the modern environment - endpoint, network, application, and cloud services layers. Through this service, Rapid7 serves as a true partner throughout the incident lifecycle, driving end-to-end recommendations and results.

A Rapid7 differentiator is its combined incident response consulting team and MDR SOC, which ensures that all MDR customers receive the same high-calibre digital forensics and incident response (DFIR) expertise as a core service capability. This single, integrated team of detection and response experts works together to execute every type of attack scenario, from a minor breach like a phishing email with an attached maldoc, to a major targeted breach involving multiple endpoints compromised by an advanced attacker.

Rapid7’s comprehensive security solutions help more than 10,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. 

“Even with the best technology in place, Defenders need support to remain vigilant against the latest attacker tactics, techniques, and procedures,” says Dewey. 

“Rapid7 MDR provides early, comprehensive detection across the modern environment, and end-to-end partnership throughout the incident lifecycle to drive our customers’ security success.”