Demo Tuesdays: Falcon Zero Trust Coverage of the MITRE ATT&CK

The MITRE ATT&CK framework covers multiple tactics and techniques used to penetrate networks, move laterally, and ultimately take over the whole system and exfiltrate data. With our latest 3.3 release of the Zero Trust solution, we offer direct insight into the tactics and pathways which would be blocked or mitigated with a full CrowdStrike engagement.

In CrowdStrike FalconĀ® Zero Trust, we use the MITRE ATT&CK framework to help evaluate risk and dangers to your current identity store posture, as well as AD potential attacks. The Falcon Zero Trust solution helps you through this evaluation with a three-phase approach:

  • Assessment of whether your network is vulnerable to a particular technique
  • Detection covers how Falcon Zero Trust can detect and alert when a technique is used
  • Enforcement shows how security teams can use CrowdStrike to configure a policy to prevent the technique

In addition to the phases of this approach, each MITRE ATT&CK technique receives a score for how Zero Trust covers most approaches and current malware available in that technique.

Watch Senior Product Manager Alex Talyanski demonstrate how to download and evaluate the Zero Trust coverage for yourself.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center