SentinelOne Sets the Standard with 100% Detection and 88% Fewer Alerts than Median Across All Vendors Evaluated in the 2024 MITRE ATT&CK Evaluations: Enterprise
The 2024 MITRE ATT&CK Evaluations: Enterprise results are out, and SentinelOne has once again demonstrated it sets the standard in detecting even the most sophisticated modern threats. For the fifth consecutive year, SentinelOne’s AI-powered Singularity Platform achieved 100% detection and zero detection delays in the marquee third-party evaluation, detecting 80 out of 80 attacks in the simulation across every stage. Singularity also generated 88% fewer alerts than the median across all vendors evaluated, showcasing an exceptionally strong signal to noise ratio – critical to helping security teams avoid alert fatigue and rapidly respond to genuine threats.
Key results achieved by SentinelOne in the 2024 evaluation include:
- 100% Detection Accuracy – Identified all 16 attack steps and 80 substeps
- Zero Detection Delays: Real-time detection ensures instant action earlier in the kill chain
- 100% Technique Detections Across All Operating Systems: The most granular insight into all attackers’ actions on Windows, Linux and MacOS based on the MITRE framework.
- Exceptional Signal to Noise Ratio: Generated 88% fewer alerts than the median across all vendors evaluated, enhancing analyst workflows, speeding response and optimizing efficiency
This year’s evaluation: True detections vs. false positives, MITRE analysts, and real-world threats across Windows, Linux and MacOS
MITRE focused the 2024 evaluation on two major threats: widespread ransomware targeting Windows and Linux, and multi-staged and modular malware in operations involving elevated privileges and credential targeting of MacOS endpoints. By simulating these complex attacks, the MITRE ATT&CK evaluations provide valuable insights into the strengths and weaknesses of various security products.
This year also introduced two major changes to the testing process. First, MITRE introduced False Positives into the evaluation, adding background noise during the detection portion of the evaluation. This added difficulty required participants to balance detection accuracy against generating false positives and avoid the dreaded alert fatigue suffered by customers. To determine the false positive rate, MITRE evaluated a subset of benign activity to determine the prevalence of false positives while under evaluation.
And in a major shift from past years where vendors ran the evaluation on their own platform, in 2024, MITRE analysts personally operated the console as a real Security Operations Center (SOC) would in a true customer environment. This further reflected real-world usage, prevented vendor misrepresentation, and highlighted the strengths of SentinelOne’s AI-powered platform to provide out-of-the-box security.
“When it comes to defending against modern cyber attacks, three things matter: speed, accuracy and low noise, and SentinelOne’s AI-powered approach delivers on each of them,” said Ric Smith, President, Product, Technology and Operations, SentinelOne. “As validated by the latest evaluation, SentinelOne Singularity provides autonomous and comprehensive detection, out of the box, with zero delays across 100% of attacks, while eliminating noise and surfacing genuine threats. MITRE ATT&CK Evaluations have long been the gold standard, and we strongly believe that participation in these evaluations gives customers transparency they can trust, while driving vendors to focus their innovation on protecting customers from today’s and tomorrow’s real-world threats.”
To learn more about SentinelOne’s results in the 2024 MITRE ATT&CK Evaluations: Enterprise, check out the SentinelOne blog.
Comments are closed.