2025 MITRE ATT&CK Evaluations Highlight Scattered Spider and Mustang Panda Scenarios
Summary
Hide ▲
Show ▼
MITRE has released the 2025 ATT&CK Evaluations for enterprise cybersecurity solutions, testing 11 vendors against attack scenarios inspired by Scattered Spider and Mustang Panda. The evaluations introduced new focus areas, including cloud infrastructure attacks and adversary reconnaissance detection. MITRE emphasized the importance of protection and high-fidelity alerts to reduce alert fatigue. The results are available on MITRE's website, with vendors highlighting their performance without outright claims of victory.
Timeline
-
11.12.2025 15:50 1 articles · 23h ago
2025 MITRE ATT&CK Evaluations Released with New Focus Areas
MITRE has published the results of the 2025 ATT&CK Evaluations, testing 11 vendors against scenarios inspired by Scattered Spider and Mustang Panda. The evaluations introduced new focus areas, including cloud infrastructure attacks and adversary reconnaissance detection. MITRE emphasized the importance of protection and high-fidelity alerts to reduce alert fatigue. The results are available on MITRE's website, with vendors highlighting their performance without outright claims of victory.
Show sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
Information Snippets
-
Eleven companies participated in the 2025 ATT&CK Evaluations: Acronis, AhnLab, CrowdStrike, Cyberani, Cybereason, Cynet, ESET, Sophos, Trend Micro, WatchGuard, and WithSecure.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
The evaluations focused on two scenarios: one inspired by Scattered Spider and another by Mustang Panda.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
The Scattered Spider scenario marked the first time MITRE tested cybersecurity products against attacks involving cloud infrastructure.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
The evaluations introduced a new focus on detecting adversary reconnaissance activities.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
MITRE enhanced the evaluation framework to prioritize protection and high-fidelity alerts.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
Several vendors highlighted their 100% detection and protection rates in specific categories, though MITRE noted that the evaluations do not rank vendors.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50
-
Major companies like Microsoft, Palo Alto Networks, and SentinelOne withdrew from the evaluations this year due to resource constraints.
First reported: 11.12.2025 15:501 source, 1 articleShow sources
- MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations — www.securityweek.com — 11.12.2025 15:50