Transforming Cyber Defense: Cloud, Response, and Analysis in ATT&CK Evaluations
As cyber threats evolve, organizations need more than just detection to stay ahead of adversaries. A comprehensive cybersecurity approach involves effective response, rapid containment, and thorough post-incident analysis. Managed Services 2025 brings an updated evaluation framework that emphasizes these key areas, focusing on how well participants can detect, respond to, and analyze real-world attacks, particularly in hybrid cloud environments.
The Focus: Cloud-Based Attacks and Post-Incident Analysis
This round of ATT&CK Evaluations introduces a unique opportunity to test security services on a global scale, particularly in cloud environments. The scenarios center on hybrid infrastructures that blend on-premises systems with cloud environments like AWS and Azure. Participants will demonstrate their abilities across three main phases:
Scenario A: Detect
Scenario B: Respond/Contain
Scenario C: Investigate
Each scenario measures the ability to detect, neutralize, and investigate attacks across different types of infrastructure. The goal is to assess not only how well security solutions handle immediate threats but also how well they support long-term recovery.
Scenario Breakdown
Scenario A: Detection
This scenario challenges participants to…