Blog Archives - Page 2 of 4

Enterprise SIEMs Miss 76% of all MITRE ATT&CK Techniques Used by Adversaries

CardinalOps’ third annual report analyzes real-world data from production SIEMs covering nearly 4,000 detection rules across diverse industry verticals If you’re looking to benchmark your SIEM with respect to its MITRE ATT&CK coverage and rule

SOC Meets Cloud: What Changes and What Stays the Same?

Michael Mumcuoglu, CEO & co-founder of CardinalOps, explores critical questions facing security operations center (SOC) leaders charged with supporting their organization’s migration to a cloud operation model and their digital transformation initiatives.

CardinalOps Contributes Updates to MITRE ATT&CK Techniques Related to Abuse of Mail Transport Rules

Adversaries are hijacking corporate email systems such as Office 365 by abusing email transport rules. Learn how these sophisticated attacks work, plus how to detect them in Splunk, Microsoft Sentinel, IBM QRadar & Sumo Logic.

Security Layers — Measuring MITRE ATT&CK Detection Coverage Across Your Entire Attack Surface, Linked to Business Outcomes

If you’re like most of us in the defender community, you’re probably tired of seeing all the colored heat maps used to represent MITRE ATT&CK detection coverage.

Detecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk, IBM QRadar & Microsoft Sentinel

Summary Discovered by the Ukrainian CERT and attributed to APT28 (aka Fancy Bear or Strontium, the Russian GRU threat actor), CVE-2023-23397 is being actively exploited in targeted attacks against government, transportation, energy, and military sectors

CardinalOps CEO Discusses the State of Today’s SOC Teams on Silo Busting Podcast

Michael Mumcuoglu, CEO and Founder of CardinalOps, recently join the EPAM Continuum podcast, Silo Busting, for a discussion assessing the state of today’s SOC teams. Also featured on the podcast were Sam Rehman, EPAM’s Chief

State of Identity Podcast Episode 320: Detection Posture Management

Recently Phil Neray, VP of Cyber Defense Strategy at CardinalOps, was invited to join the State of Identity Podcast for a conversation on the latest cybersecurity threats and why orchestration is the key to a

CardinalOps Named as Winner in 2023 Cybersecurity Excellence Awards for Detection Posture Management

TEL-AVIV, Israel and BOSTON, March 9, 2023 — CardinalOps, the detection posture management company, today announced that the 2023 Cybersecurity Excellence Awards have selected the CardinalOps platform as gold winner of the Continuous Detection Posture Management (CDPM) category. Past

How Detection Posture Management Can Help CISOs Track the Right Metrics

In a recent SC Media column, Michael Mumcuoglu – CEO of CardinalOps, writes that instead of manually identifying gaps in MITRE ATT&CK coverage, it should be automated so that security teams always have a clear

What CISOs Don’t Know About Their SOCs

In a recent SC Media column, Michael Mumcuoglu – CEO of CardinalOps, wrote how continuous improvement techniques can help CISOs more effectively manage the growing threat landscape and improve the visibility and effectiveness of their

Why MITRE ATT&CK Has Taken Over the SOC World

I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it’s behind a paywall called “CSO Perspectives,” but this blog post is intended to summarize the key

Leveraging AI and Automation with MITRE ATT&CK to Eliminate Detection Coverage Gaps in Your SOC

At Black Hat 2022, our VP of Cyber Defense Strategy was interviewed on Security Guy TV to discuss why MITRE ATT&CK has become a standard way of describing your defensive posture to management as well