Blog Archives - Page 3 of 7

Closing the Gaps in Linux Auditing & Detection Strategies

Linux systems are often overlooked when setting up security auditing and threat detection strategies. The main reason is that Linux auditing is far less explored by the security community than Windows auditing. A survey done

SANS Webinar Highlights — Detection, Meet Prevention: Enriching Defenses with MITRE Mitigations

During the SANS Spring Cyber Solutions Fest’s Detection & Response track, Jay Lillie, CardinalOps VP of Customer Success, and Dr. Anton Chuvakin, Advisor to the Google Office of the CISO, discussed ways to improve SOC

The CardinalOps RSA Conference 2025 Hype Guide

Soon over 40,000 people will gather in San Francisco for this year’s RSA conference. Many consider RSAC the industry’s most significant event (though Black Hat / DEF CON would disagree…). Legions of vendors, practitioners, investors,

Detection, Evasion, and the Pursuit of Immutable Artifacts

You’re probably familiar with the classic thought experiment: If a tree falls in a forest and no one is around to hear it, does it make a sound? In cybersecurity, we can ask a similar

Monitoring Granular SOC Metrics: Peak Network Traffic and Initial User Logins

When considering KPIs for your SOC, mean time to detect, contain, and remediate (MTTR, MTTC, and MTTR); incident and alert volumes; and false positive rates get most of the attention. Regularly monitoring these higher-level metrics

Leveraging Metrics in Google SecOps SIEM for Enhanced Threat Detection

Google Security Operations (SecOps) SIEM offers powerful tools for threat detection, and one of its most valuable features is the use of metrics within YARA-L rules. Metrics allow you to aggregate historical data over extended

Webinar Highlights — Detection Engineering Maturity: Helping SIEMs Find Their Adulting Skills

Jay Lillie, CardinalOps VP of Customer Success, and Dr. Anton Chuvakin from the Google Office of the CISO engage in a fascinating conversation on the Do’s and Dont’s of SIEM at various stages of maturity.

Rethinking Threat Exposure Management: A Unified Approach to Reducing Risk

By Michael Mumcuoglu, Co-Founder and CEO, CardinalOps In today’s rapidly evolving threat landscape, organizations face an overwhelming challenge: understanding and addressing the many types of security exposures that put them at risk. These exposures include

Optimize Security Controls with Continuous Threat Exposure Management (CTEM)

In the dynamic landscape of cybersecurity, staying ahead of threats requires an evolved approach to managing security tools, and preventing and detecting potential attacks. Traditional vulnerability management and breach-and-attack simulation tools have proven to be

Enhancing Cyber Defense Through Automated Security Control Assessment (ASCA)

A chaotic threat landscape and rapidly changing attack techniques has organizations facing increased pressure to deal with persistent threats by developing and deploying new security controls and being able to identify and manage misconfigured controls.

Detection Posture Management: Reduce your organization’s exposure to threats

Even the best, most mature security teams must plan for worst-case scenarios – when an attack has slipped past their defensive and preventative technologies and becomes a threat. Detection is the last line of defense

CardinalOps Launches TI-Ops to Operationalize Adversary Intelligence through AI and Automation

Turn real adversary behaviors (TTPs) into actionable detection Organizations are struggling to keep up with an evolving threat landscape and security teams are increasingly burdened with the pressure to build an effective cyber defense against