Press release
CrowdStrike Achieves 100% Detection and 100% Protection in the Most Demanding MITRE ATT&CK® Enterprise Evaluations to Date
CrowdStrike embraces MITRE’s first real-world cross-domain attack simulation, delivering perfect scores with no false positives AUSTIN, Texas--(BUSINESS
About this update from Crowdstrike Holdings, Inc.
[{"type":"text","content":"\nCrowdStrike embraces MITRE’s first real-world cross-domain attack simulation, delivering perfect scores with no false positives\n\n AUSTIN, Texas--(BUSINESS WIRE)--\nCrowdStrike (NASDAQ: CRWD) delivered 100% detection and 100% protection with no false positives in the 2025 MITRE ATT&CK® Enterprise Evaluations – the most technically demanding in the program’s history. Through MITRE’s first-ever cloud adversary emulation with attacks that moved across identity, endpoint, and cloud, the unified Falcon® platform demonstrated the architectural advantage required to stop modern cross-domain threats.\n\n“These were the most challenging MITRE evaluations yet, and we participated to give the industry a transparent view into which platforms have the architecture to stop real-world threats,” said Michael Sentonas, president of CrowdStrike. “Delivering 100% detection, 100% protection, and no false positives across these highly sophisticated, cross-domain attacks is a major achievement. The results show the power of the unified Falcon platform – complete protection with a first-class analyst experience that eliminates noise and complexity while accelerating response.”\n\nTesting Unified Platform Capabilities Against Real-World, Cross-Domain Attacks\n\nThis year’s MITRE evaluations expanded beyond endpoint techniques to assess true platform capabilities in defending against real-world attacks that move across identity, endpoint, and cloud. As the leading unified security platform participating in this year's evaluations, CrowdStrike achieved 100% detection and 100% protection with no false positives across the full attack sequence.\n\nIn the most demanding evaluations to date, MITRE exercised full cross-domain tradecraft, effectively testing the strength of the underlying platform architecture – not just its detections. To execute this expanded scope, MITRE emulated real-world attacks from Chinese state-sponsored espionage group MUSTANG PANDA, and eCrime group SCATTERED SPIDER – two adversaries known for their sophistication, stealth, and ability to compromise cloud environments. It also introduced new early-stage techniques to assess whether a platform can detect and contain activity before attackers can establish a foothold or move laterally.\n\nThe Falcon platform delivered complete detection and protection at every stage, stopping crede...