The MITRE ATT&CK framework is a very effective tool for “adversary emulation”, cataloging how adversaries behave, what they’re trying to do, and the techniques used to accomplish their means. Moreover, the framework aims to provide a common language and vocabulary for practitioners, vendors, and all parties working to understand common threat actors and techniques.
In November 2018, MITRE evaluated a subset of techniques in an open-test environment, working with vendors to analyze their detection capabilities against these common techniques. With the results of this first evaluation now published, many are trying to make sense of results to understand the efficacy of different solutions in the marketplace today.