Latest News

SentinelOne pioneers inaugural deception MITRE Engenuity ATT&CK® Evaluation

Autonomous XDR provider leads in protection against sophisticated threats with hologram deception technology

SentinelOne, an autonomous cybersecurity platform company, has announced its results from the inaugural MITRE Engenuity ATT&CK® Deception Evaluation. As the first and only XDR vendor to participate, SentinelOne has the most comprehensive MITRE ATT&CK® analytic coverage, helping enterprises reduce risk across device, cloud, and identity attack surfaces. SentinelOne was recognised for its ability to defend against sophisticated identity-based attacks and insider threats.

The inaugural MITRE ATT&CK Deception Evaluation tested vendors’ ability to protect against the APT29 threat group. SentinelOne’s Singularity XDR platform – and specifically its Hologram deception solution – was recognised for its ability to:

  • Provide real-time protection against active directory compromise. Every time adversaries tried to gain access to Active Directory (AD), SentinelOne protected against theft with evasion techniques and decoy credentials.
  • Secure critical assets. SentinelOne uses data cloaking to mislead adversaries, keeping file and account information across identity, data, endpoint, cloud and IoT secure to prevent data theft and destruction.
  • Stop lateral movement and privilege escalation. SentinelOne blocked the use of Golden Ticket and Silver Ticket attack techniques, stopping adversaries from gaining access to endpoints on the network.
  • Optimise insight into adversary behaviour. Taking a step beyond detection and response, SentinelOne provided detailed insight across adversary behaviour, including ingestible, actionable TTP information and high-confidence, substantiated attack forensics.

“As attackers continue to evade security controls, enterprises need modern XDR solutions that protect against threats at every stage of the attack lifecycle,” said Raj Rajamani, Chief Product Officer, SentinelOne. “SentinelOne is the first XDR provider to natively include identity and deception. Our results in the inaugural MITRE ATT&CK Deception Evaluation confirm SentinelOne’s commitment to push the boundaries of autonomous technology as we help enterprises protect against identity-based attacks.”

SentinelOne was one of the first cybersecurity companies to correlate alerts in-product with the MITRE ATT&CK framework, embrace the MITRE ATT&CK Endpoint Protection Product Evaluation, and incorporate the MITRE ATT&CK framework as the new threat hunting standard. As a leader across MITRE Enterprise ATT&CK Evaluations for the third consecutive year and a leader in the inaugural MITRE ATT&CK Deception Evaluation, SentinelOne remains committed to supporting organisations through MITRE’s framework.