CardinalOps
  • Platform
  • Use Cases

    Use Cases

    • Map all your detections to MITRE ATT&CK
    • Gain new detections to address critical gaps
    • Identify and fix broken rules
    • Pinpoint root causes of noisy rules
    • Save costs and rationalize your entire security stack
    • Measure the depth of ATT&CK coverage
    • Automate to gain agility and address hiring challenges
    • Jumpstart cloud monitoring for your SOC
    • Report on detection posture to leadership and auditors
    • Manage detection posture across multiple SIEMs
  • Integrations
  • Company

    Company

    • Who we are

      Meet the leadership team, advisors, investors, and mission that drive us forward.

    • Why work here

      Big challenges need big thinkers. Are you up to it?

    • Careers

      Your opportunity to make a difference … for our customers, the world, and yourself.

  • Resources

    Resources

    • Newsroom
    • Blog
    • White Papers & Videos
    • Webinars & Events
  • Contact Us
  • Book a Demo
HOME Resources
  • Blog
  • Newsroom
  • Webinars & Events
  • White Papers & Videos
  • CardinalOps Contributes Updates to MITRE ATT&CK Techniques Related to Abuse of Mail Transport Rules

    Adversaries are hijacking corporate email systems such as Office 365 by abusing email transport rules. Learn how these sophisticated attacks work, plus how to detect them in Splunk, Microsoft Sentinel, IBM QRadar & Sumo Logic.

    Read more: CardinalOps Contributes Updates to MITRE ATT&CK Techniques Related to Abuse of Mail Transport Rules
  • Splunk and other SIEM detections for Follina, a clever MS-Office 0-day

    Summary This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, along with associated MITRE

    Read more: Splunk and other SIEM detections for Follina, a clever MS-Office 0-day
  • Enterprise SIEMs Detect Fewer Than 5 of Top 14 MITRE ATT&CK Adversary Techniques Used in the Wild

    “Organizations need to become more intentional about detection in their SOCs. What should we detect? Do we have use cases for those scenarios? Do they actually work? Do they help my SOC analysts effectively triage

    Read more: Enterprise SIEMs Detect Fewer Than 5 of Top 14 MITRE ATT&CK Adversary Techniques Used in the Wild
  • Spring into action (with SIEM detection rules for Spring4shell)

    Spring into action (with SIEM detection rules for Spring4shell) The Spring Framework is an open source application framework that provides infrastructure support for developing Java applications. The framework can be used by any Java application

    Read more: Spring into action (with SIEM detection rules for Spring4shell)
  • Lapsus$ vs the world: SIEM detection rules with ATT&CK mapping

    Image credit: World of Dictionary A new player has entered the game The ”Lapsus$” group, unknown before December 2021, has made multiple headlines in recent weeks, following multiple data breaches in big companies such as

    Read more: Lapsus$ vs the world: SIEM detection rules with ATT&CK mapping

Boost productivity 10x … Really?

CardinalOps’ detection posture management platform maximizes your MITRE ATT&CK coverage for the latest threats and eliminates hidden detection gaps which you may not even know you have. Setup takes less than an hour because there are no agents to deploy or appliances to configure, and it easily connects via the native APIs of your SIEM/XDR. What’s more, it helps boost your detection engineering team’s productivity 10x compared to manual processes.

Yes, really.

Book a Demo
CardinalOps
  • Privacy Policy
  • Terms & Conditions

©2023 CardinalOps