Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Terracotta soldiers guard the mausoleum of Emperor Qin Shi Huang. Photo: Pete Saloutos/Getty Images

When it comes to cybersecurity research, the not-for-profit lab MITRE has traditionally maintained neutrality toward commercial products. But last week, it released its first security product evaluations. Here's why and how MITRE made the leap into what might at first sound like Yelp territory (but really isn't).

Why it matters: MITRE is best known for its role in assisting the government in public/private partnerships. In cybersecurity, until now, a lot of its high-profile work was more as an archivist than an active defender.

  • That's not meant as a dig. One of their key projects, the ATT&CK framework, is an important database of prominent hacking groups' techniques across a broad spectrum of categories.

What MITRE released last week were the results of simulated attacks from the believed-to-be-Chinese espionage group known as Gothic Panda or APT3 using the information collected for that ATT&CK framework. MITRE plans this release of product evaluations to be the first of many, with other tests gauging products against other attackers.

Yes, but: "We're not Consumer Reports," said Frank Duff, lead engineer for the evaluations program.

  • MITRE isn't providing head-to-head comparisons of products or ranked lists. There are no best buys.
  • The primary goal, at least to MITRE, is to encourage product improvement.
  • But MITRE also expects potential buyers will use the results and vendors will view the process as, in part, a marketing exercise.
  • "It can serve all of those purposes," said Duff.

Techniques, not malware: Before the MITRE tests were announced, there were already a lot of places for antivirus companies to test whether they could detect malicious programs that hackers installed on a system. But as CrowdStrike's Scott Taschler, director of product marketing, noted, "When it comes to advanced, targeted attacks, malware is only a part of the problem." A hacker might not use any malware, and security products still need to be tested on how they respond to those attacks.

Vendors paid for their tests, with the first cohort including Carbon Black, CounterTack, CrowdStrike, Endgame, Microsoft, RSA and SentinelOne.

  • No product weeds out the simulated attacker at every technique and tactic — and that's largely by design. Products focus on specific subsections of security, and most companies being targeted by spies have more than one product running at a time.
  • But the testing does show specifically where products could adapt to discover an attacker at different points. And that's important: As hackers upgrade their tools or learn new techniques, they can evade some previously effective defenses.

The bottom line: Scott Lundgren, chief technology officer at Carbon Black, said, "If the community rises up and documents and positions their security posture with ATT&CK in mind, we are all raising the bar and making it more expensive for adversaries to operate."

Go deeper

Prosecutors charge parents of Michigan school shooting suspect

Photo: Scott Olson/Getty Images

The parents of a 15-year-old accused of killing four students and wounding seven other people at a Michigan high school have been charged with involuntary manslaughter, according to court documents.

State of play: James and Jennifer Crumbley were each charged with four counts of involuntary manslaughter.

42 mins ago - World

Putin to demand legal guarantee against NATO expansion in call with Biden

Biden and Putin meeting in Geneva in June. Photo: Mikhail Metzel\TASS via Getty Images

Russian President Vladimir Putin is demanding a legally binding guarantee that NATO will not expand east — including to Ukraine — and plans to raise the issue in an upcoming phone call with President Biden, according to the Kremlin.

Why it matters: Russia has massed more than 94,000 troops on the border with Ukraine and could be preparing for a large-scale invasion at the end of January, Ukraine's defense minister said Friday.

A tale of two jobs reports

Source: Bureau of Labor Statistics; Chart: Axios Visuals

Whatever you think about the economy, you’ll find something in this morning’s conflicting jobs report to reinforce your views: America's job market is white-hot and the labor market is anemic.

Between the lines: The conflict comes from the two separate surveys the government uses to compile the report.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!