What is the story about?
What's Happening?
Three major cybersecurity vendors, Microsoft, SentinelOne, and Palo Alto Networks, have decided not to participate in the 2025 MITRE Engenuity ATT&CK Evaluations: Enterprise test. This annual test, which evaluates endpoint detection and response (EDR) solutions, has been a significant event in the cybersecurity industry since its inception in 2019. The withdrawal of these companies, all of which performed well in the 2024 evaluations, has sparked discussions about the future and relevance of the program. Microsoft, which topped the 2024 test, announced its decision in June, followed by SentinelOne and Palo Alto Networks in September. The companies cited a focus on product development and innovation as their reasons for pulling out. However, experts suggest that the tests may be perceived as more promotional than beneficial for real security advancements.
Why It's Important?
The withdrawal of these key players from the MITRE evaluations could have significant implications for the cybersecurity industry. MITRE's ATT&CK framework is a widely recognized tool for mapping cyber adversaries' techniques, and the evaluations have been considered a benchmark for EDR solutions. The absence of major vendors might lead to questions about the credibility and impact of the tests. This could affect how cybersecurity products are developed and marketed, potentially shifting focus from standardized testing to individual innovation. The decision also highlights the resource-intensive nature of participating in such evaluations, which may prompt other companies to reconsider their involvement.
What's Next?
The results of the 2025 MITRE evaluations are expected in December, and the absence of Microsoft, SentinelOne, and Palo Alto Networks will likely be a focal point of industry discussions. MITRE may need to reassess its approach to ensure the evaluations remain relevant and beneficial. The organization might consider adjusting the difficulty of the tests or addressing concerns about their promotional nature. Meanwhile, the vendors that withdrew may focus on their stated priorities of product innovation and customer-focused initiatives, potentially leading to new developments in their cybersecurity offerings.
AI Generated Content
Do you find this article useful?
