April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a barometer of platform effectiveness.
This means that every cybersecurity vendor will be tripping over themselves to push out blog posts, webinars, press releases, and more touting how great their services are and how the results validate their products.
The result is a storm of spin and PR that is hard to navigate. An upcoming webinar offered by Cynet (register here) aims to help industry participants differentiate the spin from the real information when it comes to MITRE ATT&CK results.
The Webinar will be led by renowned cybersecurity researcher and Chief Security Strategist for Cynet, Chris Roberts, and Director of Product Marketing for Cynet, George Tubin. The conversation will center on what customers and vendors can expect to see when the MITRE ATT&CK results are published on April 20th and the days that follow.
In the race to be first and publish the most favorable coverage, companies will cloud the online landscape, so it's crucial to know how to separate fact from fiction. More importantly, it's vital to know how to read the actual results to make an informed decision. As MITRE's doesn't directly provide vendor comparisons, interpreting the results to compare different vendors takes some skill and knowledge.
Some of the topics covered by Roberts and Cynet Director of Product Marketing, George Tubin, will include:
- What exactly is MITRE ATT&CK, and why does it matter? The yearly evaluation has become a golden standard and a point of pride for cybersecurity vendors who participate. It's important to understand why it's such a key piece of the decision-making process.
- How should CISOs interpret the results and the vendor propaganda? Despite its importance, MITRE's results can be difficult to parse for the unfamiliar. CISOs and security leaders should understand exactly what the results mean, and how vendors use (and misuse) them.
- How should CISOs use the results to evaluate vendors? Understanding the results is one thing, but knowing how to use them as a barometer is more important as looking at them in a vacuum can be confusing.
- How can vendors leverage the tests to their fullest advantage? In the end, the tests are a major point of validation for vendors, and understanding how to use them in a transparent, open way is a good starting point for any cybersecurity organization.
The webinar will be available for viewing on April 14th and 15th. You can register for the event now to save a spot at the link here.