Red Canary Provides First-Ever MITRE Engenuity™ ATT&CK® Evaluations for Managed Services


November 15, 2022

3 Min Read


DENVER, Nov. 15, 2022 /PRNewswire/ — Red Canary, a leader in Managed Detection and Response (MDR), is one of 15 providers that participated in the first-ever MITRE Engenuity™ ATT&CK® Evaluations for Managed Services. Published in November 2022, the independent ATT&CK Evaluations assessed provider capabilities in their ability to analyze and describe adversary behavior.

Red Canary MDR Performance Summary:

  • Detected intrusion in Step 1

  • Identified all intrusion steps

  • Named OilRig as the emulated adversary group

  • Provided zero false positives

  • Presented information just as we would to our real-world customers

To help organizations better interpret the test, Red Canary has created an unbiased analysis of the MITRE ATT&CK results. This report provides the necessary context needed to understand the results and evaluate how different participants performed. Separately, experts have also provided a deep-dive technical analysis of Red Canary's performance, highlighting what they detected and how they responded to MITRE Engenuity's emulation activity.

"One of Red Canary's core values is our relentlessness in finding and stopping adversaries, which is why we were so excited to hear there would be an ATT&CK Evaluation of managed security service providers," said Brian Beyer, CEO and co-founder of Red Canary. "The MITRE ATT&CK test is a great resource for evaluating different providers and determining how they would help protect your organization in a real-world intrusion. All the participants should be commended for being transparent enough to take part in the evaluation."

"More than half of organizations use security service providers to protect their data and networks. We wanted to research how they are employing threat-informed defense practices for their clients," said Ashwin Radhakrishnan, general manager, ATT&CK Evaluations, MITRE Engenuity. "We don't rank the vendors in our evaluations. Organizations, however, can use the evaluations to determine which service providers may best address their own cybersecurity gaps and fit their particular business needs."

Red Canary is one of only two vendors to be a participant in the MITRE ATT&CK Evaluations for Managed Service Providers and is also listed as a "Leader" in the Forrester Wave™: Managed Detection And Response, Q1 2021. The impressive performance by Red Canary in the MITRE ATT&CK Evaluation comes on the heels of winning the Security Trailblazer award in the Microsoft Security Excellence Awards 2022.

Trusted by nearly 800 customers, including many Fortune 500 companies across industries, Red Canary is growing at 3x the pace of the overall MDR market. This growth is fueled by market-leading technology that allows Red Canary to detect threats missed by other tools – providing MDR across endpoints, networks, cloud, SaaS, and identity applications.

About MITRE Engenuity ATT&CK® Evaluations

ATT&CK® Evaluations (Evals) is built on the backbone of MITRE's objective insight and conflict-free perspective. Cybersecurity vendors turn to the Evals program to improve their offerings and to provide defenders with insights into their product's capabilities and performance. Evals enables defenders to make better informed decisions on how to leverage the products that secure their networks. The program follows a rigorous, transparent methodology, using a collaborative, threat-informed, purple-teaming approach that brings together vendors and MITRE experts to evaluate solutions within the context of ATT&CK. In line with MITRE Engenuity's commitment to serve the public good, Evals results and threat emulation plans are freely accessible.

About Red Canary

Red Canary stops cyber threats no one else does, so organizations can fearlessly pursue their missions. We do it by delivering managed detection and response (MDR) across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. As a security ally, we define MDR in our own terms with unlimited 24×7 support, deep threat expertise, hands-on remediation, and by doing what's right for customers and partners.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights