Ever wonder why cybersecurity vendors can claim “100% coverage” against frameworks like MITRE, yet their solutions still fall victim to breaches?
Adam Mansour, Chief Security Officer, stacks ActZero MDR’s performance against DarkWeb-sourced malware, relative to “top tier” security vendors’ solutions.
Endpoint attack simulation performance is evaluated using three critical measures: block rate, dwell time, and signal-to-noise ratio - redefined to elucidate the differences between real-world performance, and scoring publications and frameworks like AV-Test.org, eicar, MITRE, and others.
We define these critical measures, describe the assessment method, and compare them to established frameworks. We then explain why POC’s that leverage such measures are critical for:
- Choosing cybersecurity solutions, and accurately assessing the outcomes they drive
- Determining whether such solutions will be able to keep response times below relevant thresholds
- Understanding whether the outputs are actually actionable, to stop the attack itself
The resources referenced in this webcast are: