Sophos XDR achieved its best-ever results in the independent MITRE ATT&CK Enterprise 2025 Evaluation, successfully detecting 100% of adversary behaviors across two complex attack scenarios.
Key Results for Sophos XDR
Sophos XDR demonstrated comprehensive visibility and actionable intelligence against simulated attacks based on real-world threat actors.
100% Detection Coverage: Sophos XDR detected all 90 sub-steps across both attack scenarios, ensuring no adversary activity was missed.
Highest-Possible Ratings: The solution achieved the highest possible "Technique"-level rating for 86 out of the 90 total sub-steps. This indicates high-fidelity detections that provided detailed context (who, what, when, where, how, and why) about the threat, enabling faster investigation and response.
“Scattered Spider and Mustang Panda represent distinct threat profiles that challenge defenders in very different ways,” said Simon Reed, chief research and scientific officer, Sophos. “Achieving full detection coverage against both validates the accuracy and depth of Sophos’ analytics and demonstrates how the company’s AI-native XDR platform converts complex telemetry into clear, actionable intelligence, helping security teams detect, understand, and stop advanced attacks with confidence. Sophos’ consistently strong performance in these rigorous evaluations underscores the power and precision of our threat detection and response capabilities, and our commitment to stopping the world’s most sophisticated cyberthreats. Over the five years that Sophos has participated in ATT&CK Evaluations, we have continually invested in strengthening our platform, and that investment has translated into stronger results year after year - both in the evaluations, and in the security outcomes we deliver for our customers.”
These results demonstrate the power of the Sophos XDR platform to defend against sophisticated cyber threats. Every day, Sophos processes 223+ terabytes of telemetry in Sophos Central, generating 34+ million detections and automatically blocking 11+ million threats. This scale of customer insights ensures that Sophos’ detections are being tested and improved to provide continuous protection while delivering stronger outcomes for organizations worldwide.
Understanding The Threat Actors
Sophos X-Ops has tracked GOLD HARVEST (Scattered Spider) since 2022, observing a loosely affiliated cybercriminal collective driven by both financial motives and a desire to elevate their reputations on underground forums. Despite several arrests, operators and associates continue to launch high-profile attacks across the U.K. and U.S., at times partnering with major Russian-speaking ransomware groups. Their sophisticated social engineering capabilities enable them to compromise even well-defended organizations, underscoring the importance of strong behavioral detections within modern security operations.
When evaluating EDR or XDR solutions, Sophos recommends reviewing MITRE ATT&CK Evaluations alongside other independent proof points. Recent Sophos EDR and Sophos XDR recognitions include:
Sophos is a Leader in the IDC MarketScape: Worldwide Extended Detection and Response (XDR) Software 2025
Sophos is a Leader in the G2 Fall 2025 Reports for both EDR and XDR
Sophos is a 2025 Gartner® Peer Insights™ “Customers’ Choice” vendor for Extended Detection and Response (XDR)
Sophos is named a Leader for the 16th consecutive time in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms
