Business
Rapid7 InsightIDR Successfully Completes The Latest MITRE Engenuity ATT&CK Enterprise Evaluation
Demonstrates Strong Signal-to-Noise Across the Attack Chain in Emulation of Wizard Spider and Sandworm Threat Groups BOSTON, March 31, 2022 (GLOBE NEWSWIRE)
About this update from Rapid7, Inc.
[{"type":"text","content":"Demonstrates Strong Signal-to-Noise Across the Attack Chain in Emulation of Wizard Spider and Sandworm Threat Groups\nBOSTON, March 31, 2022 (GLOBE NEWSWIRE) -- Rapid7, Inc. (Nasdaq: RPD), a leading provider of security analytics and automation, today announced the results of its completed 2022 MITRE Engenuity ATT&CK® Evaluation of Rapid7 InsightIDR and the Insight Agent. This round of independent ATT&CK Evaluations for enterprise cybersecurity solutions emulated the Wizard Spider and Sandworm threat groups. Rapid7’s InsightIDR and Insight Agent demonstrated strong signal-to-noise across the attack chain during these simulations. InsightIDR is Rapid7’s industry-leading cloud SIEM and Extended Detection and Response (XDR) offering, and the included Insight Agent provides coverage across assets—in the cloud or on-premises—and powers InsightIDR’s endpoint detection and response (EDR) capabilities. The MITRE ATT&CK evaluation results showcase high-fidelity detections unlocked with InsightIDR and the Insight Agent. InsightIDR demonstrated consistent ability to detect threats early in the cyber kill chain, strong signal-to-noise, and solid visibility across the ATT&CK Framework, identifying telemetry, tactics, or techniques across 18 of the 19 phases presented in the attack simulations. The detections in this evaluation represent a small segment of the InsightIDR detections library, which provides native telemetry and high-fidelity detections across networks, users, and clouds in addition to endpoints—all vetted in the field by Rapid7’s managed detection and response (MDR) security operations center analysts to ensure relevancy and actionability for InsightIDR customers. MITRE ATT&CK Evaluations prioritize threats that offer unique impact to businesses and governments worldwide. Through the lens of the ATT&CK knowledge base, the 2022 MITRE ATT&CK evaluations focused on two threat actors: Wizard Spider and Sandworm. Wizard Spider is a financially motivated criminal group that has been conducting ransomware campaigns since August 2018 against a variety of organizations, ranging from major corporations to hospitals. Sandworm is a destructive Russian threat group that is known for carrying out notable attacks such as the 2015 and 2016 targeting of Ukrainian electrical companies and NotPetya attacks in 2017. MITRE chose Wizard Spider and S...