Blog
-
Read more: CardinalOps Contributes Updates to MITRE ATT&CK Techniques Related to Abuse of Mail Transport RulesCardinalOps Contributes Updates to MITRE ATT&CK Techniques Related to Abuse of Mail Transport Rules
Adversaries are hijacking corporate email systems such as Office 365 by abusing email transport rules. Learn how these sophisticated attacks work, plus how to detect them in Splunk, Microsoft Sentinel, IBM QRadar & Sumo Logic.
-
Read more: Security Layers — Measuring MITRE ATT&CK Detection Coverage Across Your Entire Attack Surface, Linked to Business OutcomesSecurity Layers — Measuring MITRE ATT&CK Detection Coverage Across Your Entire Attack Surface, Linked to Business Outcomes
If you’re like most of us in the defender community, you’re probably tired of seeing all the colored heat maps used to represent MITRE ATT&CK detection coverage.
-
Read more: Detecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk, IBM QRadar & Microsoft SentinelDetecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk, IBM QRadar & Microsoft Sentinel
Summary Discovered by the Ukrainian CERT and attributed to APT28 (aka Fancy Bear or Strontium, the Russian GRU threat actor), CVE-2023-23397 is being actively exploited in targeted attacks against government, transportation, energy, and military sectors
-
Read more: CardinalOps CEO Discusses the State of Today’s SOC Teams on Silo Busting PodcastCardinalOps CEO Discusses the State of Today’s SOC Teams on Silo Busting Podcast
Michael Mumcuoglu, CEO and Founder of CardinalOps, recently join the EPAM Continuum podcast, Silo Busting, for a discussion assessing the state of today’s SOC teams. Also featured on the podcast were Sam Rehman, EPAM’s Chief
-
Read more: State of Identity Podcast Episode 320: Detection Posture ManagementState of Identity Podcast Episode 320: Detection Posture Management
Recently Phil Neray, VP of Cyber Defense Strategy at CardinalOps, was invited to join the State of Identity Podcast for a conversation on the latest cybersecurity threats and why orchestration is the key to a
-
Read more: CardinalOps Named as Winner in 2023 Cybersecurity Excellence Awards for Detection Posture ManagementCardinalOps Named as Winner in 2023 Cybersecurity Excellence Awards for Detection Posture Management
TEL-AVIV, Israel and BOSTON, March 9, 2023 — CardinalOps, the detection posture management company, today announced that the 2023 Cybersecurity Excellence Awards have selected the CardinalOps platform as gold winner of the Continuous Detection Posture Management (CDPM) category. Past
-
Read more: How Detection Posture Management Can Help CISOs Track the Right MetricsHow Detection Posture Management Can Help CISOs Track the Right Metrics
In a recent SC Media column, Michael Mumcuoglu – CEO of CardinalOps, writes that instead of manually identifying gaps in MITRE ATT&CK coverage, it should be automated so that security teams always have a clear
-
Read more: What CISOs Don’t Know About Their SOCsWhat CISOs Don’t Know About Their SOCs
In a recent SC Media column, Michael Mumcuoglu – CEO of CardinalOps, wrote how continuous improvement techniques can help CISOs more effectively manage the growing threat landscape and improve the visibility and effectiveness of their
-
Read more: Why MITRE ATT&CK Has Taken Over the SOC WorldWhy MITRE ATT&CK Has Taken Over the SOC World
I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it’s behind a paywall called “CSO Perspectives,” but this blog post is intended to summarize the key
-
Read more: Leveraging AI and Automation with MITRE ATT&CK to Eliminate Detection Coverage Gaps in Your SOCLeveraging AI and Automation with MITRE ATT&CK to Eliminate Detection Coverage Gaps in Your SOC
At Black Hat 2022, our VP of Cyber Defense Strategy was interviewed on Security Guy TV to discuss why MITRE ATT&CK has become a standard way of describing your defensive posture to management as well
-
Read more: SIEM Detections for Okta PassBleed (Splunk, Microsoft Sentinel, IBM QRadar, Sumo Logic)SIEM Detections for Okta PassBleed (Splunk, Microsoft Sentinel, IBM QRadar, Sumo Logic)
Summary This blog post summarizes new password stealing and impersonation risks recently discovered for Okta, along with recommended SIEM detection rules and associated MITRE ATT&CK techniques for SIEM solutions including Splunk, Microsoft Sentinel, IBM QRadar,
-
Read more: Splunk and other SIEM detections for Follina, a clever MS-Office 0-daySplunk and other SIEM detections for Follina, a clever MS-Office 0-day
Summary This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, along with associated MITRE