Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test

Source: Infosecurity Magazine

Author: Kevin Poireault

URL: https://www.infosecurity-magazine.com/news/cyber-vendors-pull-out-mitre/

ONE SENTENCE SUMMARY:

Major cybersecurity providers withdrew from MITRE’s 2025 EDR test, citing product innovation focus and concerns over test relevancy.

MAIN POINTS:

  1. Microsoft, SentinelOne, and Palo Alto withdrew from MITRE’s 2025 EDR evaluation.
  2. Concerns arise about the program’s future and relevance.
  3. The companies prioritize product development over participation.
  4. MITRE’s test is increasingly viewed as promotional rather than as delivering security gains.
  5. The ATT&CK framework was introduced in 2015 by MITRE for mapping cyber adversaries.
  6. Testing uses simulated attacks with MITRE’s Caldera platform.
  7. Tests are not a longitudinal benchmark due to annual differences.
  8. 2025 scenarios include financially motivated and Chinese-aligned cyber-espionage actors.
  9. MITRE plans to re-establish its vendor forum in 2026.
  10. Despite withdrawals, a dozen vendors engaged with the 2025 test.

TAKEAWAYS:

  1. Test participation demands significant resources from cybersecurity companies.
  2. Increasingly challenging tests may impact participation decisions.
  3. MITRE intends to address concerns by reviving the vendor forum.
  4. Tests are criticized as being more about PR than real security gains.
  5. Ongoing participation signals the value of these evaluations to some vendors.