
20 September 2023

Independent Testing Designed to Emulate the Advanced Techniques of Notorious Threat Group Turla Reveals Superior Detection Capabilities of Bitdefender GravityZone Platform

BUCHAREST, Romania and SANTA CLARA, Calif. – Bitdefender, a global cybersecurity leader, today announced it achieved 100% detection of all major evaluation steps, with the highest possible level of description for each step, for the third consecutive year in the MITRE Engenuity ATT&CK Enterprise Evaluations. The evaluations were conducted through independent tests that simulate adversary behavior and techniques to assess the detection and protection capabilities of the 31 participating vendors.

“Enterprises are under tremendous pressure to strengthen their cyber resilience across environments as state-sponsored threat actors increase attacks both in sophistication and frequency,” said Dragos Gavrilut, vice president of threat research at Bitdefender. “Our achievement in identifying techniques used by advanced adversaries further validates Bitdefender as an industry leader in threat detection technologies. Independent tests like the MITRE ATT&CK Evaluations are crucial for helping organizations evaluate the effectiveness of cybersecurity technologies against complex multi-stage attacks based on their risk, industry, and specific environment.”

The 2023 ATT&CK Evaluations tested cybersecurity vendors for their ability to detect techniques and tactics used by Turla, a sophisticated Russia-based threat group that has infected victims in over 45 countries. The group is known for targeting government agencies, diplomatic missions, military groups, and research and media organizations, using novel methods for intrusion, maintaining operational security, and remaining well hidden in environments. Each participant was evaluated on detection rates across 19 total steps and 143 sub-steps in the framework’s attack kill chain, from initial compromise through the final stage of execution.

Testing of the 19 major steps included detection of initial compromise, establishing a foothold, lateral movement, persistence, and privilege escalation, and was performed using Microsoft Azure cloud services.

MITRE Engenuity evaluated Bitdefender GravityZone Platform, a unified risk and security analytics platform that offers advanced Endpoint Protection (EPP), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR) and cloud security for physical, virtual, and multi-cloud environments. The platform delivers deep security context to detections and offers a direct path to Bitdefender Managed Detection and Response (MDR) services.

“Turla is one of the most sophisticated threat actors, and their tradecraft is platform diverse, dynamic in stealth, and layered in persistence,” said Amy Robertson, MITRE cyber threat intelligence lead, ATT&CK Evals. “This round provides an emulation that focuses on kernel and service-level operations that often run with the same permissions as detection and protection products. Our goal is to empower end users and purchasers with unbiased insights into the product capabilities that detect these advanced adversary behaviors, while also collaborating with the participating vendors to evolve their products.”

To view the full MITRE Engenuity ATT&CK Evaluations Enterprise testing methodology and report results, visit https://attackevals.mitre-engenuity.org/enterprise/turla/.  

 

About MITRE Engenuity

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense. www.mitre-engenuity.org
