
Cybersecurity leader Sophos has achieved full detection coverage in the 2025 MITRE ATT&CK Enterprise Evaluation, successfully identifying 100% of adversary activity across two rigorous real-world attack scenarios.
The independent assessment, widely regarded as a benchmark for security detection capabilities, tested Sophos XDR against simulations of Scattered Spider, a financially motivated cybercrime group, and Mustang Panda, a long-running China-linked espionage group.
The evaluation covered complex attack chains across Windows, Linux, and Amazon Web Services (AWS) cloud environments for the Scattered Spider scenario, while the Mustang Panda scenario focused specifically on Windows systems.
Beyond the perfect detection score, Sophos earned the highest possible “Technique”-level rating for 86 of the 90 attack steps. This metric highlights the precision of the tool, reflecting its ability to provide detailed, high-confidence detections rather than just generic alerts.
“These two threat groups represent very different challenges for defenders, from financially driven cybercrime to long-term espionage,” said Simon Reed, Chief Research and Scientific Officer at Sophos. “Consistent detection across both scenarios shows the importance of strong behavioural visibility when responding to complex attacks.”
The MITRE ATT&CK Evaluations are distinct in the industry because they do not score prevention. Instead, they focus on “visibility”, testing how clearly and accurately security tools can identify attacker behavior, map it to known techniques, and provide the necessary context for security teams to investigate and respond.
Now in its seventh iteration, the 2025 Enterprise Evaluation reflects the growing complexity of modern cyberattacks, requiring solutions that can track multi-stage threats across different operating systems and cloud environments.
Security teams and CISOs often use these results alongside other independent benchmarks to validate endpoint and extended detection and response (XDR) solutions before procurement.



