- Mar 16, 2019
For the fourth consecutive year, Microsoft 365 Defender demonstrated its industry-leading protection in MITRE Engenuity’s independent ATT&CK® Enterprise Evaluations, showcasing the value of an integrated XDR-based defense that unifies device and identity protection with a Zero Trust approach:
Microsoft 365 Defender XDR solution displayed top-class coverage by successfully surfacing to the security operations center (SOC) a single comprehensive incident per each of the simulated attacks. This comprehensive view provided in each incident detailed suspicious device and identity activities coupled with unparalleled coverage of adversary techniques across the entire attack chain. Microsoft 365 Defender also demonstrated 100% protection by blocking both attacks in the early stages.
- Complete visibility and analytics to all stages of the attack chain
- 100% protection, blocking all stages in early steps
- Each attack generated a single comprehensive incident for the SOC
- Differentiated XDR capabilities with integrated identity protection
- Protection for Linux across all attack stages
- Deep and integrated Windows device sensors
- Leading with product truth and a customer-centric approach
This is the third year in which Microsoft 365 Defender showcases the power of the combined XDR suite, demonstrating coverage across devices, identities, and cloud applications.
Demonstrated complete visibility and analytics across all stages of the attack chainMicrosoft 365 Defender demonstrated complete technique-level coverage across all the attack stages of Wizard Spider and Sandworm, leveraging our artificial intelligence-driven adaptive protection.
Figure 1. Microsoft 365 Defender providing full attack chain coverage
Defending against human-operated ransomware requires a defense in-depth approach that continuously evaluates device, user, network, and organization risk and then leverages these signals to alert on potential threats across the entire attack chain. Providing detection and visibility enables defenders to evict the attackers from the network during the pre-ransom phase. It also minimizes the impact of encryption or extortion through data exfiltration activities.
Technique-level detection coverage in real time without delaysHuman-operated ransomware attacks evolve within minutes, and..................................
Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations - Microsoft Security Blog
For the fourth consecutive year, Microsoft 365 Defender demonstrated industry-leading protection in MITRE Engenuity’s independent ATT&CK® Enterprise Evaluations. These results highlighted the importance of taking an XDR-based approach spanning endpoints, identities, email and cloud, and the...