{"id":100532,"date":"2024-12-31T12:16:33","date_gmt":"2024-12-31T04:16:33","guid":{"rendered":"https:\/\/version-2.com\/?p=100532"},"modified":"2024-12-24T12:22:17","modified_gmt":"2024-12-24T04:22:17","slug":"racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2024\/12\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/","title":{"rendered":"Racing with MITRE to forge ESET Inspect for SOC and MDR use"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"100532\" class=\"elementor elementor-100532\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parall
ax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c11198008\" class=\"frame frame-default frame-type-text frame-layout-0\"><div id=\"content-c11219867\" class=\"frame frame-default frame-type-text frame-layout-0\"><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png\" alt=\"\" width=\"250\" height=\"250\" \/><\/div><div>\u00a0<\/div><div id=\"content-c11219871\" class=\"frame frame-default frame-type-text frame-layout-0\"><div id=\"content-c11219875\" class=\"frame frame-default frame-type-text frame-layout-0\"><div id=\"content-c11219885\" class=\"frame frame-default frame-type-html frame-layout-0\"><div><div id=\"content-c11235680\" class=\"frame frame-default frame-type-text frame-layout-0\"><p><em>ESET\u2019s journey through 2024\u2019s TTP-heavy Enterprise ATT&amp;CK evaluation demonstrates both progress and scope for continued enhancement of our detection-and-response solution, as well as an interesting contrast with 
commercial tests.<\/em><\/p><p>Six years into MITRE Enterprise evaluations, with their consistent focus on attack emulations leveraging a vast collection of tactics, techniques and procedures (TTPs), vendors are now finding evolved detection and protection scenarios added to the mix. MITRE\u2019s team of experts has clearly been working agilely, prompting vendors to adapt to the new test environment. Simultaneously, vendors looking to position themselves for the \u201cwin\u201d and improve sales prospects increasingly face a paradox with MITRE: It\u2019s still not a competitive test. Rather, the takeaways provide most value to security analysts involved in the day-to-day work of operating endpoint detection and response platforms.<\/p><p>This year\u2019s evaluation has introduced some substantial changes. Notably, MITRE dropped telemetry from the detection categories, raising the threshold for a recorded event to be considered a detection. To counteract vendors\u2019 gaming products to \u201cwin\u201d or \u201cdetect everything,\u201d a proportion of substeps now test for false positives rather than detections, while other substeps are not evaluated at all. In a final nod to address \u201cpoints\u201d accumulated via \u201cdetecting everything,\u201d MITRE measures the number of detections in the dashboard, again cutting into \u201cpoint gain\u201d via bloated numbers of detections.<\/p><p>ESET also brought changes to the table, most significantly by fielding <a href=\"https:\/\/www.eset.com\/blog\/enterprise\/leveraging-automation-and-ux-to-reduce-admin-decision-fatigue-on-detection-and-response-platforms\/\" target=\"_blank\" rel=\"noopener\">ESET Incident Creator<\/a>, a module in ESET Inspect for incident-focused handling of threats. 
Incident Creator proved its use case in the detection portion of the evaluation, transforming how analysts are presented with detections generated from a cyberattack; detections are rolled up into incidents, giving analysts a focused view of how each attack progressed. With this tool in hand, we demonstrated good visibility into each attack scenario, <a href=\"https:\/\/www.eset.com\/blog\/awards-and-testing\/the-attckr-evaluations-enterprise-2024-highlights-esets-ai-native-approach-to-detection-and-response\/\" target=\"_blank\" rel=\"noopener\">detecting all steps and most meaningful substeps<\/a> while maintaining a low volume of detections. Thus, for ESET, most missed substeps, e.g., API calls, provide the analyst with little to no value, could be discovered via other means, and present almost no loss of information for the reconstruction of the attack.<\/p><\/div><div id=\"content-c11235681\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">What we learned about our product<\/h3><\/header><p>The most recent round of the ATT&amp;CK Evaluations Enterprise pitted multiple vendors\u2019 detection and response platforms against three attack scenarios named DPRK, Cl0p, and LockBit, as well as a battery of 10 protection tests. With well-recognized research on all of the threat groups chosen for the scenarios, ESET engineers were interested to observe how ESET Inspect\u2019s behavior could translate to supporting SOC operators as well as organizations leveraging security service offers such as ESET MDR.<\/p><p>With a nod to ESET\u2019s preoccupation with efficiency, and MITRE\u2019s new rules seeking to limit a detect-everything approach, the three attacks generated plenty of detections \u2013 correlated into incidents \u2013 allowing incident responders to easily understand how the attacks happened and thus take quick remediation. 
Additionally, the Incident Creator module eliminated considerable noise for the benefit of threat analysts \u2013 another priority for ESET, both inside and outside this test environment.<\/p><\/div><div id=\"content-c11235682\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Turning off protection for the evaluation, and back on for the real world<\/h3><\/header><p>With one of MITRE\u2019s goals being to examine coverage of the TTPs in the ATT&amp;CK knowledge base, vendors\u2019 products in the detection scenarios are configured to not block or kill any of the threats they encounter. This is an important point because, in the real world, many of the threats employed in these scenarios would have been blocked either on first encounter or very soon thereafter.<\/p><p>For ESET, there are several fitting cases to highlight: The Cl0p and LockBit ransomware samples, along with a couple other samples, would have been blocked in the first evaluation run. Although masked by the evaluation\u2019s focus on <a href=\"https:\/\/www.eset.com\/int\/business\/solutions\/xdr-extended-detection-and-response\/\" target=\"_blank\" rel=\"noopener\">ESET Inspect<\/a>, it was actually <a href=\"https:\/\/help.eset.com\/elga\/en-US\/overview.html?how_detection_layers_work.html\" target=\"_blank\" rel=\"noopener\">ESET Live Guard Advanced<\/a>, a key technology layer in the ESET PROTECT platform, that was behind the initial detection and blocking of these ransomware samples. Any remaining malware would have been blocked on the second run. 
This is good news in the real world because it means that customers benefit from efficient protection against threats.<\/p><p>In regard to the protection tests, while there are a few areas to improve the coverage provided by our products, 2024\u2019s tests mainly focused on isolated and sometimes not clearly malicious substeps that, in the real world, could actually be benign and thus cause harm to customers if blocked. On real-world systems, cyberattackers aren\u2019t running techniques and procedures \u201catomically,\u201d i.e., disconnected from a full attack chain. Instead, their operations are a buildup, and the task of detection and response solutions is to correlate the full context to identify correctly that something malicious is afoot.<\/p><\/div><div id=\"content-c11235683\" class=\"frame frame-default frame-type-image frame-layout-0\"><div class=\"ce-image ce-center ce-above\"><div class=\"ce-gallery\" data-ce-columns=\"1\" data-ce-images=\"1\"><div class=\"ce-outer\"><div class=\"ce-inner\"><div class=\"ce-row\"><div class=\"ce-column\"><img decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/MITRE_enterprise_2024_Picture1.png\" alt=\"\" width=\"800\" height=\"380\" \/><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div id=\"content-c11235684\" class=\"frame frame-default frame-type-image frame-layout-0\"><div class=\"ce-image ce-center ce-above\"><div class=\"ce-gallery\" data-ce-columns=\"1\" data-ce-images=\"1\"><div class=\"ce-outer\"><div class=\"ce-inner\"><div class=\"ce-row\"><div class=\"ce-column\">\u00a0<\/div><div class=\"ce-column\">Figure 1. 
Detection of the FULLHOUSE.DOORED backdoor in the DPRK config change run<\/div><div class=\"ce-column\">\u00a0<\/div><div class=\"ce-column\"><img decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/MITRE_enterprise_2024_Picture2.png\" alt=\"\" width=\"800\" height=\"380\" \/><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div id=\"content-c11235686\" class=\"frame frame-default frame-type-text frame-layout-0\"><p>Figure 2. Detection of the SDBbot installer in the Cl0p config change run<\/p><p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/MITRE_enterprise_2024_Picture3.png\" alt=\"\" width=\"800\" height=\"379\" \/><\/p><p>Figure 3. Detection of the Firefox password stealer in the LockBit config change run<\/p><p>We are left feeling that the pursuit of total coverage of the ATT&amp;CK knowledge base does not necessarily improve defenses or automatically assist security analysts in their daily work. In contrast to forensics or malware analysis, detection and response require only enough coverage of highly prevalent or severe techniques (or substeps) for the analyst to trigger a response. Missing detections for low-prevalence or low-severity techniques does not necessarily translate to lower protection. Quite the opposite, it could mean that work is streamlined, and remediation is faster because the major steps needed to identify the attack are immediately highlighted, thereby allowing a timely and adequate response to be triggered \u2013 in some cases even with automatic blocking of the detected threat.<\/p><p>Again, outside the ATT&amp;CK Evaluations and atomic testing scenarios, third-party tests usually design scenarios that don\u2019t prioritize coverage of TTPs. Instead, they measure blocking, false positives, performance, cost, and the like by a fully functioning product suite. 
They also focus more on critical steps of an attack, such as endpoint compromise and foothold, internal propagation, and asset breach. The ultimate arbiter is stopping an attack, whether by blocking malicious files or killing malicious processes, or at least providing the security analyst with the means to do so.<\/p><\/div><div id=\"content-c11235687\" class=\"frame frame-default frame-type-html frame-layout-0\"><div style=\"background: #86D2DA; padding: 30px;\"><p>\u201cWhat sets this solution apart is its ability to deliver rapid response times, robust threat intelligence, and strong ransomware protection, all while offering strong compliance and localization support.\u201d<\/p><p>-Warwick Ashford, Senior Analyst at KuppingerCole<\/p><\/div><\/div><div id=\"content-c11235688\" class=\"frame frame-default frame-type-text frame-layout-0\"><p>A number of strong results demonstrate the efficacy of real-world performance. This includes real-world tests, such as AV-Comparatives\u2019 <a href=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/awards\/eset-named-strategic-leader-in-epr-comparative-report-2024\/\" target=\"_blank\" rel=\"noopener\">Endpoint Prevention &amp; Response (EPR) Test 2024 and 2023<\/a>, and analyst perspectives, including selection of ESET as a leader in both KuppingerCole\u2019s <a href=\"https:\/\/www.kuppingercole.com\/research\/lc80866\/managed-detection-and-response-mdr\" target=\"_blank\" rel=\"noopener\">Leadership Compass for MDR<\/a> and <a href=\"https:\/\/www.kuppingercole.com\/research\/lc81117\/endpoint-protection-detection-response-epdr\" target=\"_blank\" rel=\"noopener\">Leadership Compass for Endpoint Protection Detection &amp; Response<\/a>.<\/p><p>In KuppingerCole\u2019s executive summary of the EPDR market, they discuss the wider industry\u2019s use of the MITRE ATT&amp;CK framework, as well as the fact that endpoint protection platforms and EDR tool sets have converged into the logical integrated pairing 
of Endpoint Protection Detection &amp; Response (EPDR). This means the majority of vendors aim to improve based on MITRE\u2019s micro-emulation of techniques and procedures, while developing successful, integrated EPDR proven by industry-standard, real-world testing. Ideally, covering these two scopes makes for battle-ready detection and response.<\/p><\/div><div id=\"content-c11235693\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Battle-ready EPDR<\/h3><\/header><p>In fact, EPDR solutions are the battle-ready systems that institutions and businesses invest in, deploy, and operate today. Above and beyond this, ESET continues to seek out other avenues to challenge its products and its engineers. Perhaps the zenith of this search has been reached with our regular participation at <a href=\"https:\/\/www.eset.com\/blog\/company\/locked-shields-2024-ancient-inspiration-deployed-for-todays-complex-digital-battlegrounds\/\" target=\"_blank\" rel=\"noopener\">Locked Shields<\/a>, a military simulation of today\u2019s digital battlespace organized by the NATO Cooperative Cyber Defense Centre of Excellence.<\/p><p>In 2024, more than 60 ESET system engineers, security monitoring analysts, malware researchers and analysts, and comms specialists formed ranks with defenders from the Slovak and Hungarian militaries and the private and academic sectors to defend our assigned battlespace.<\/p><p>Our tool, ESET Inspect, backed by our multilayered security platform ESET PROTECT, was central to Slovakia-Hungary\u2019s fourth place out of 18 participating teams and helped the team to top three placings in cyber threat intelligence, client-side protection and forensics. 
This cyber-battle simulation was an intensively immersive experience for all the technologists involved, whether as threat analysts working to understand the TTPs to anticipate the next stages of an attack or engineers configuring cyber defenses.<\/p><\/div><div id=\"content-c11235694\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Conclusion<\/h3><\/header><p>ESET remains as motivated to leverage MITRE\u2019s Enterprise Evaluations to feed technical audiences with critical food for thought as we are to invest our institutional knowledge in Locked Shields to advance both our security practice and that of our NATO partners. The output of our engagement with MITRE, whether via the +350 contributions to the ATT&amp;CK knowledge base or participation in the ATT&amp;CK Evaluations, continues to be sharpened detection and response capabilities tuned to the real world and protecting our shared progress.<\/p><\/div><\/div><\/div><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" 
data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" 
data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" 
data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" 
data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>\u00a0 ESET\u2019s journey through 2024\u2019s TTP-heavy Enterprise AT [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,40,61],"tags":[41,1272],"class_list":["post-100532","post","type-post","status-publish","format-standard","hentry","category-1273","category-eset","category-press-release","tag-eset","tag-1272"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - 
https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 2\" \/>\n<meta property=\"og:description\" content=\"\u00a0 ESET\u2019s journey through 2024\u2019s TTP-heavy Enterprise AT [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-31T04:16:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Racing with MITRE to forge ESET Inspect for SOC and MDR use\",\"datePublished\":\"2024-12-31T04:16:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/\"},\"wordCount\":1493,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/inspect-250x250.png\",\"keywords\":[\"ESET\",\"2024\"],\"articleSection\":[\"2024\",\"ESET\",\"Press Release\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/12\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/\",\"name\":\"Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 
2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/inspect-250x250.png\",\"datePublished\":\"2024-12-31T04:16:33+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/inspect-250x250.png\",\"contentUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/inspect-250x250.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/awards-and-testing\\\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Racing with MITRE to forge ESET Inspect for SOC and MDR use\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 
2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/","og_locale":"en_US","og_type":"article","og_title":"Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 2","og_description":"\u00a0 ESET\u2019s journey through 2024\u2019s TTP-heavy Enterprise AT [&hellip;]","og_url":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/","og_site_name":"Version 2","article_published_time":"2024-12-31T04:16:33+00:00","og_image":[{"url":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. 
reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/12\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Racing with MITRE to forge ESET Inspect for SOC and MDR use","datePublished":"2024-12-31T04:16:33+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/12\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/"},"wordCount":1493,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png","keywords":["ESET","2024"],"articleSection":["2024","ESET","Press Release"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/12\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/","url":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/","name":"Racing with MITRE to forge ESET Inspect for SOC and MDR use - Version 
2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png","datePublished":"2024-12-31T04:16:33+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#primaryimage","url":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png","contentUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/inspect-250x250.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/blog\/awards-and-testing\/racing-with-mitre-to-forge-eset-inspect-for-soc-and-mdr-use\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Racing with MITRE to forge ESET Inspect for SOC and MDR use"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 
2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-q9u","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100532","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ve
rsion-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=100532"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100532\/revisions"}],"predecessor-version":[{"id":100539,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/100532\/revisions\/100539"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=100532"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=100532"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=100532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}