What's Happening?
In 2025, three major cybersecurity firms, Microsoft, SentinelOne, and Palo Alto Networks, chose not to participate in MITRE's ATT&CK Evaluations. This decision was influenced by the increasing complexity
of the tests and concerns that the evaluations have shifted from being genuine security benchmarks to promotional exercises. MITRE's CTO, Charles Clancy, acknowledged the challenges posed by the demanding nature of the tests and announced plans to reinstate a vendor forum to prepare for future evaluations, aiming to rebuild industry confidence. The annual ATT&CK Evaluations, initiated in 2019, are designed to create consistency in security solution testing and drive industry improvements.
Why It's Important?
The withdrawal of these prominent cybersecurity firms from the MITRE Evaluations highlights significant industry concerns regarding the effectiveness and purpose of these tests. As these evaluations are intended to set benchmarks for security solutions, their perceived shift towards promotional activities could undermine their credibility and impact the industry's ability to assess and improve cybersecurity measures. This development may prompt other firms to reconsider their participation, potentially leading to a reevaluation of how such tests are conducted and their role in the cybersecurity landscape. The situation underscores the need for transparent and meaningful evaluations to ensure robust cybersecurity practices.
What's Next?
MITRE plans to address the concerns raised by the cybersecurity firms by reinstating a vendor forum to better prepare participants for future evaluations. This move aims to enhance collaboration and transparency, potentially restoring confidence in the evaluation process. The outcome of these efforts will be crucial in determining whether other firms will continue to participate in the evaluations. Additionally, the industry may see a push for alternative methods to assess and benchmark cybersecurity solutions, which could lead to innovations in how security effectiveness is measured and communicated.
