MITRE evaluates cybersecurity products using an open methodology based on the ATT&CK® knowledge base. Our goals are to improve organizations against known adversary behaviors by:

  • Empowering end-users with objective insights into how to use specific commercial security products to address known adversary behaviors
  • Providing transparency around the true capabilities of security products to address known adversary behaviors
  • Driving the security vendor community to enhance its capability to address known adversary behaviors


These evaluations are not a competitive analysis. We show the detections we observed without providing a “winner.” There are no scores, rankings, or ratings. Instead, we show how each vendor approaches threat defense within the context of ATT&CK.

Transparency in Both Process and Results

MITRE’s evaluation methodology is publicly available, and all evaluation results are publicly released. MITRE will continue to evolve the ATT&CK Evaluation methodology and content to ensure a fair, transparent, and useful evaluation process.