
CardinalOps Introduces Industry’s First Threat Coverage Optimization Platform

[January 20, 2020, 8:00am Pacific Standard Time, USA]

Tel-Aviv, IL and Palo Alto, CA — (BUSINESS WIRE) — CardinalOps today introduced the industry’s first Threat Coverage Optimization Platform, which enables security engineers to continuously optimize their security operations center (SOC) to ensure comprehensive threat coverage. CardinalOps also announced today the closing of a $6.5 million Series Seed fundraising led by Battery Ventures, Glilot Capital and several renowned security industry leaders.

It is well documented that the security industry continues to experience frequent data breaches despite growing enterprise investment in novel security tools. The majority of these attacks leverage well-known attack vectors that are left unaddressed by security operators, who typically have a threat detection tool deployed that successfully detects the attack but fails to take action due to an implementation error or misconfiguration. Former Research VP and Distinguished Analyst at Gartner, Anton Chuvakin, describes this problem, saying “buying security technologies seems to be a much easier task than utilizing them and operationalizing them for many organizations. In fact, there is a lot more guidance on ‘which tool to buy?’ and ‘how to buy security right?’ than on how to actually make use of the tool in a particular environment.”

CardinalOps’ new Threat Coverage Optimization (TCO) Platform leverages AI-based analytics to close this gap and ensure comprehensive threat coverage. The TCO Platform identifies gaps in existing logs, rules and policies relative to the industry-standard MITRE ATT&CK framework, and delivers organization-specific SIEM and SOC rule recommendations and misconfiguration fixes to optimize threat coverage. These recommendations and fixes are prioritized based upon real-time asset inventory analysis, industry-specific threats, and other factors.

“I evaluate emergent security solutions all the time, and the dynamic nature of systems feeding the SOC is as dynamic as the threat landscape itself. So the SOC infrastructure and the engineering that drives it has to be equally dynamic and automated, and it has to be able to compensate for high turnover and the challenges of finding qualified security engineering staff,” said Joey Johnson, CISO of Premise Health. “CardinalOps is solving this core security operations business problem.”

Leading security industry venture investors Battery Ventures, Glilot Capital and other respected security industry leaders validated this market challenge by investing $6.5 million of seed capital to commercialize the TCO Platform and lead the market in this new field of AI-powered Security Engineering.

“There is an established security industry trend of applying AI to automate threat detection and response, so we were surprised to learn how manual and ineffective basic SOC engineering processes remain. Michael and Yair have hit on a major pain point by introducing this new platform to automate these core threat engineering tasks, which will have a major impact on improving enterprise security posture.” – Itzik Parnafes, General Partner, Battery Ventures

“When presented with the opportunity to work again with a brilliant security industry entrepreneur like Michael, we jumped at the opportunity. Michael is a visionary that has a proven record of building and commercializing successful products.” – Arik Kleinstein, Co-Founder and Managing Partner, Glilot Capital

About CardinalOps

CardinalOps was founded to bring AI-based analytics and automation to critical security engineering functions to ensure comprehensive threat coverage by SIEM and SOC tools. The CardinalOps Threat Coverage Optimization (TCO) Platform quantifies and enumerates the gap that exists between theoretically optimum threat coverage, represented by the MITRE ATT&CK framework, and actual threat coverage, measured by actual SIEM and SOC tool configurations. The TCO Platform was built to close that Threat Coverage Gap by providing real-time configuration change and misconfiguration fix recommendations that are unique to each organization’s capabilities and threats. CardinalOps was founded in 2020 by a team of cybersecurity veteran entrepreneurs, is backed by blue-chip investors, and is based in Silicon Valley and Israel. For more information, please visit: www.cardinalops.com.