ATT&CK® Evaluations Managed Services provide transparent and impartial insights into how managed security service providers (MSSPs) and managed detection and response (MDR) capabilities provide context on adversary behavior.

Evaluations follow a systematic methodology using a threat-informed purple teaming approach. To gather capability-specific insights, MITRE Engenuity uses ATT&CK as a foundation and builds an emulation plan to test the participant’s capability "in the style of" a specific adversary. The emulation plans are sourced with public cyber threat intelligence reporting, mapped to a subset of ATT&CK techniques, and used to replicate the behaviors that generate objective insights into how well a participant performs. For this evaluation, the adversary will remain anonymous until the execution phase of the Evaluation process. 

Call for participation for Managed Services opened on March 16. We recommend that organizations explore participation if they are looking to:

• Earn the community’s trust. Evaluation rounds are conducted consistently and published transparently.

• Improve your capabilities to better defend against adversary behavior.