MITRE evaluates cybersecurity products using an open methodology based on our ATT&CK™ framework. Our goals are to:

  • Empower end-users with objective insights into how to use specific commercial security products to detect known adversary behaviors
  • Provide transparency around the true capabilities of security products and services to detect known adversary behaviors
  • Drive the security vendor community to enhance their capability to detect known adversary behaviors


These evaluations are not a competitive analysis. There are no scores, rankings, or ratings. Instead, we show how each vendor approaches threat detection in the context of the ATT&CK matrix.

Transparency in both process and results

MITRE’s evaluation methodology is publicly available, and all evaluation results are publicly released. MITRE will continue to evolve the methodology and content to ensure a fair, transparent, and useful evaluation process.



MITRE does not rank, score, validate, or endorse any product. The evaluation results are available to the public, so other organizations may provide their own analysis and interpretation - these are not endorsed or validated by MITRE.