The MITRE ATT&CK Enterprise Evaluations, widely considered the most rigorous cybersecurity testing program, published results for Enterprise Round 7 (ER7) in December 2025, revealing significant industry-wide protection gaps. The evaluation incorporated cloud adversary emulation, identity-centric attacks, and cross-environment lateral movement simultaneously for the first time, testing against real adversaries including Scattered Spider, the criminal collective behind the MGM Resorts and Caesars Entertainment breaches, and Mustang Panda, a PRC state-sponsored espionage group.
Nine vendors participated in the evaluation, with three major players—Microsoft, SentinelOne, and Palo Alto Networks—withdrawing before testing began. The results showed the maximum block rate achieved by any ER7 vendor was 31%, with CrowdStrike and Cybereason tying for the highest protection score. More concerning was the 0% identity attack blocking rate across all nine vendors, despite Test 2 targeting identity providers using Scattered Spider's exact playbook from the MGM and Caesars attacks. Cloud attack blocking rates ranged from 0% to 7.7% across the cohort, with five of nine vendors blocking nothing in the first AWS adversary emulation in MITRE's history.
While Microsoft cited its Secure Future Initiative, SentinelOne described the evaluations as "PR-driven," and Palo Alto Networks cited internal innovation focus for their withdrawals, VectorCertain LLC took the opposite approach. Using MITRE's published ER7 adversary emulations as its baseline, VectorCertain ran its SecureAgent platform through a rigorous self-evaluation spanning Sprints 30–34, completed February–March 2026. The company extended the evaluation beyond ER7's scope by adding Volt Typhoon, a third adversary targeting U.S. critical infrastructure, and testing behavioral governance via the H-Neuron Overcompliance Test Suite and memory governance via the Adaptive Memory Relevance Scoring framework.
VectorCertain's internal evaluation results showed 100% protection rate against all three adversaries across 14,208 total tests, with 0 failures and 0% false positive rate. The company has formally enrolled in MITRE's Enterprise Round 8 (ER8) for independent verification. VectorCertain publishes its full test methodology, scenario definitions, gate distributions, and reproducibility protocols at https://vectorcertain.com, with complete data available for independent review.
The architectural difference between SecureAgent and traditional platforms explains the protection gap, according to VectorCertain's analysis. SecureAgent's four-gate governance pipeline evaluates every proposed AI agent action before execution, rather than detecting threats after they occur. This approach addresses the fundamental limitation that identity abuse doesn't generate endpoint telemetry—Scattered Spider manipulates identity systems through authentication flows that appear as legitimate user behavior to traditional EDR sensors.
The ER7 results have significant macroeconomic implications. Global fraud and cybersecurity losses totaled $485.6 billion in 2023 according to Nasdaq Verafin's 2024 Global Financial Crime Report, while AI-specific cyberattacks cost an estimated $15 billion in 2024. TransUnion's H2 2025 Top Fraud Trends Report documented that companies worldwide lose 7.7% of their annual revenue on average to fraud, with U.S. organizations reaching 9.8%—a 46% increase year-over-year. VectorCertain characterizes this as a 7% Global AI and Cybersecurity Tax on the world's economies.
IBM's 2025 Cost of a Data Breach Report quantifies the impact at the breach level, with the global average incident costing $4.44 million and U.S. organizations absorbing a record $10.22 million. More than $4 million of that cost occurs after the attacker is already inside. However, IBM's research found that organizations deploying AI in prevention workflows saved an average of $2.22 million per breach—the single largest cost-reduction factor in the study.
ER8 will introduce a standardized composite scoring framework, moving beyond binary detection and protection flags toward holistic measurement of how completely platforms stop adversaries. VectorCertain's enrollment positions SecureAgent as the first AI Safety and Governance platform in the history of the ATT&CK Evaluations program. The complete ER7 industry data is available at https://evals.mitre.org, published in December 2025.
