Sophos XDR Delivers 100% Detection in MITRE ATT&CK Enterprise 2025 Evaluation

Simon Reed, Chief Research and Scientific Officer, Sophos

Best-ever results underscore Sophos’ AI-native platform and advanced threat detection capabilities

Sophos has achieved its strongest performance to date in the MITRE ATT&CK® Enterprise 2025 Evaluation, delivering 100% detection coverage across two complex attack scenarios: Scattered Spider (GOLD HARVEST) and Mustang Panda (BRONZE PRESIDENT). These scenarios tested defenses against financially motivated cybercriminals and state-aligned espionage groups, spanning Windows, Linux, and AWS cloud environments.

“Achieving full detection coverage validates the depth and accuracy of our analytics.”

– Simon Reed, Chief Research and Scientific Officer, Sophos

Sophos XDR earned the highest possible “Technique”-level rating for 86 out of 90 sub-steps, providing deep visibility and actionable intelligence on adversary behaviors. In the Scattered Spider scenario alone, Sophos achieved top ratings for 61 of 62 steps involving identity abuse, cloud exploitation, and data exfiltration.

Simon Reed, Chief Research and Scientific Officer at Sophos, said:
“Scattered Spider and Mustang Panda represent distinct threat profiles that challenge defenders in very different ways. Achieving full detection coverage against both validates the accuracy and depth of Sophos’ analytics and demonstrates how our AI-native XDR platform converts complex telemetry into clear, actionable intelligence.”

Key Highlights:

  • 100% detection coverage for all 90 adversary sub-steps across Windows, Linux, and AWS
  • Top ratings for 86 of 90 steps, ensuring detailed insights into execution, impact, and adversary behavior
  • AI-native analytics converting complex telemetry into actionable intelligence for security teams

Sophos processes 223+ terabytes of telemetry daily, generating 34+ million detections and blocking 11+ million threats automatically, ensuring continuous improvement and stronger outcomes for customers worldwide.

The MITRE ATT&CK Evaluations emulate real-world adversary tactics to assess vendors’ ability to detect and articulate threats. Sophos’ consistent performance reflects its commitment to defending against sophisticated, multi-stage attacks.
