The MITRE ATT&CK Enterprise Evaluations, widely considered the most rigorous cybersecurity testing program, revealed significant protection gaps across the industry in its December 2025 Enterprise Round 7 results. Among the nine participating vendors, the maximum block rate was 31%, with CrowdStrike and Cybereason tying for the highest protection score. The remaining 69% of adversarial actions executed without being stopped, according to data published at https://evals.mitre.org.
Most concerning was the complete failure against identity-based attacks. Test 2 targeted identity providers using Scattered Spider's core techniques, the exact playbook used against MGM Resorts and Caesars Entertainment in breaches that resulted in hundreds of millions in losses. Every vendor across every substep scored zero on identity protection. Identity represents the primary attack surface for the most financially destructive criminal group active today, and the entire industry blocked none of it.
Cloud attack protection proved equally inadequate, with blocking rates ranging from 0% to 7.7% across the ER7 cohort. Test 7 was the first AWS adversary emulation in MITRE's history, and five of nine vendors blocked nothing. The best result, achieved by four vendors, was one substep blocked out of thirteen. Lex Crumpton, Principal Cybersecurity Engineer and Technical Lead for ATT&CK Evaluations at MITRE, stated that the evaluation provided "a comprehensive view of today's cyber landscape, testing defenses against identity abuse, cloud exploitation, and strategic espionage."
Three major vendors withdrew from participation before the evaluation began. Microsoft cited its Secure Future Initiative, SentinelOne described the evaluations as "PR-driven," and Palo Alto Networks cited a focus on internal innovation. These organizations represent the most widely deployed enterprise security platforms globally, yet their customers operate under potentially false assumptions about protection levels. Participation trends show a concerning decline from 30 vendors in 2022 to just 11 in 2025, a 63% reduction in three years.
VectorCertain LLC responded differently to the industry challenges. Using MITRE's published ER7 adversary emulations as its baseline, the company ran its SecureAgent platform through rigorous self-evaluation spanning Sprints 30-34, completed February-March 2026. VectorCertain extended the evaluation beyond ER7's scope by adding Volt Typhoon, a third adversary targeting U.S. critical infrastructure via living-off-the-land techniques that ER7 did not test. The company also incorporated behavioral governance testing via the H-Neuron Overcompliance Test Suite and memory governance testing via the Adaptive Memory Relevance Scoring framework.
VectorCertain's internal evaluation results showed 38 techniques evaluated across three full adversary scenarios with 14,208 total tests executed. The platform achieved 0 failures, with every adversarial technique blocked across every sprint, resulting in a 100% protection rate against all three adversaries. Governance decision latency remained under 100 milliseconds on every test, with every result reproduced identically across three consecutive independent runs. These are VectorCertain's internal evaluation results, conducted by VectorCertain against its own platform using ER7-aligned methodology, and are not MITRE-published results.
The company attributes these results to its architectural approach. SecureAgent employs a four-gate governance pipeline that evaluates every proposed AI agent action before it reaches the environment. This pre-execution governance model addresses what VectorCertain identifies as the structural limitation of platforms built to detect threats after execution rather than prevent actions before them. The company's analysis of all 1,986 rows of ER7 cohort data confirms this architectural ceiling explains the protection gap.
The macroeconomic implications are significant. Global fraud and cybersecurity losses totaled $485.6 billion in 2023 according to Nasdaq Verafin's 2024 Global Financial Crime Report available at https://www.nasdaq.com/solutions/verafin. AI-specific cyberattacks cost an estimated $15 billion in 2024, with projections suggesting this will double by 2030 as autonomous adversarial AI matures. TransUnion's H2 2025 Top Fraud Trends Report documented that companies worldwide lose 7.7% of their annual revenue on average to fraud, with U.S. organizations experiencing 9.8% losses. VectorCertain characterizes this as a "7% Global AI and Cybersecurity Tax" on the world's economies.
IBM's 2025 Cost of a Data Breach Report quantifies the problem at the breach level, showing the global average incident now costs $4.44 million, with U.S. organizations absorbing a record $10.22 million. More than $4 million of that cost occurs after attackers are already inside the system. IBM's research found that organizations deploying AI in prevention workflows saved an average of $2.22 million per breach, making prevention the highest-ROI security investment available according to their data.
VectorCertain has formally enrolled in MITRE's ATT&CK Evaluations Enterprise 2026 (ER8), positioning SecureAgent as the first AI Safety and Governance platform in the history of the ATT&CK Evaluations program. ER8 will introduce a standardized composite scoring framework moving beyond binary detection and protection flags toward holistic measurement of how completely platforms stop adversaries. The company's enrollment follows its internal evaluation against ER7 methodology and extension of testing scope with additional adversaries and governance dimensions.


