December 10, 2025. Leads & Copy — CrowdStrike’s Falcon platform achieved 100% detection and protection with zero false positives in the 2025 MITRE ATT&CK® Enterprise Evaluations. This year featured the program’s most technically challenging assessment, emulating a cloud adversary with cross-domain attacks.
According to Michael Sentonas, president of CrowdStrike, the company participated in these evaluations to provide industry transparency regarding platforms capable of stopping real-world threats.
This year’s MITRE evaluations expanded beyond endpoint techniques to assess true platform capabilities in defending against real-world attacks that move across identity, endpoint, and cloud. The Falcon platform demonstrated the ability to stop credential abuse, lateral movement, and cloud exploitation.
The MITRE evaluations tested platform capabilities against real-world attacks, emulating behaviors of the Chinese state-sponsored espionage group MUSTANG PANDA, and the eCrime group SCATTERED SPIDER, both known for compromising cloud environments. The evaluations also tested the platform’s ability to detect and contain early-stage attack activities.
The Falcon platform, built in the cloud with a single lightweight-agent architecture, offers rapid deployment, protection, and performance, while reducing complexity.
CrowdStrike offers resources to learn more about its MITRE ATT&CK® Enterprise Evaluations performance, including a blog and CrowdCast events:
- A blog detailing CrowdStrike’s achievement.
- Full results and information about the MITRE ATT&CK® Enterprise Evaluations.
- Registration for the CrowdStrike CrowdCast on the MITRE ATT&CK® Enterprise Evaluations on December 17 (AMER), December 18 (APJ), or January 8 (Europe).
CrowdStrike is a global cybersecurity leader known for its cloud-native platform that protects critical enterprise areas, such as endpoints, cloud workloads, identity, and data.
The CrowdStrike Falcon® platform uses the CrowdStrike Security Cloud and AI to provide accurate detections, automated protection and remediation, threat hunting, and prioritized vulnerability observability.
CrowdStrike’s website states: “We stop breaches.”
Source: CrowdStrike
