News Releases2 min read

VMware Prevents 100% of Critical Attacks Tested During MITRE Engenuity ATT&CK® Evaluation

Yuri Arcurs

MITRE Results Showcase Powerful Combination of VMware Endpoint and Network Security

PALO ALTO, Calif. – March 31, 2022 – Today, VMware, Inc. (NYSE:VMW) announced the results of its successful completion of the MITRE Engenuity ATT&CK® Evaluation. VMware security solutions were put to the test in their detection and prevention of attack techniques used by Wizard Spider, a financially motivated cybercriminal group, and Sandworm, a destructive threat group that the U.S. and U.K. have attributed to Russia.

Modern cyberattacks are sophisticated, multi-step assaults launched by bad actors who disguise themselves in the noise of multi-cloud environments. During the evaluation, VMware delivered critical preventions in 100% of the cases tested with zero configuration changes.  The combination of VMware endpoint and network security provides customers with effective security that is easier to operate and designed specifically for the threats businesses and governments face today.

“MITRE Engenuity’s rigorous testing reflects the type of threats that our customers are seeing in the real world, where there are no redo’s,” said Scott Lundgren, Chief Technology Officer of VMware’s Security Business Unit. “With highly effective detection and prevention, our results demonstrate the power of VMware’s comprehensive endpoint and network visibility, which not only works out of the box, but also works the first time.”

Key MITRE ATT&CK® Evaluation results include:

  • VMware demonstrated comprehensive endpoint and network visibility into every step of the attacks emulated – VMware continues to pioneer the use of both endpoint detection and response (EDR) and network detection and response (NDR) to deliver vital lateral movement and privilege escalation detections.
  • VMware delivered critical preventions in 100% of the cases tested – Across all the scenarios tested, VMware prevented every attack using the same lightweight agent and cloud-based console as our industry-leading detection and response capabilities.
  • VMware required zero configuration changes for maximum out-of-the-box efficacy – As the volume and sophistication of cyberattacks increase, it’s critical that enterprise security solutions deliver value and scale on day one. VMware’s security solutions worked out-of-the-box, stopping today’s most sophisticated threats with no extra tuning needed.

To view the full Wizard Spider and Sandworm evaluation, please visit MITRE Engenuity for evaluation details.

About MITRE Engenuity

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges, such as protecting critical infrastructure, creating a resilient semiconductor ecosystem, building a genomics center for public good, accelerating use case innovation in 5G, and democratizing threat-informed cyber defense.

About VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit

This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

Media Contact

Kerry Tuttle, VMware Global Communications,