News & Updates
“These findings illustrate a simple truth: Most organizations don’t have good visibility into their MITRE ATT&CK coverage and are struggling to get the most from their existing SIEMs,” said CardinalOps co-founder and CEO Michael Mumcuoglu.
Researchers from CardinalOps analyzed data from production SIEM platforms from companies such as Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, and found that they have detections for just 24% of all MITRE ATT&CK techniques.
CardinalOps, the detection posture management company, is sponsoring a live SANS webinar to help today’s Security Operations teams implement a risk-based detection strategy to address modern threats and a quickly expanding attack surface.
Phil Neray, VP of Cyber Defense Strategy at CardinalOps suggests adding “Cybersecurity First Principles: A Reboot of Strategy and Tactics” by Rick Howard to your summer reading list. You’ll get a practitioner’s point-of-view on security principles.
Michael Mumcuoglu, CEO & co-founder of CardinalOps, explores critical questions facing security operations center (SOC) leaders charged with supporting their organization’s migration to a cloud operation model and their digital transformation initiatives.
Tel Aviv Stock Exchange has deployed the CardinalOps platform to identify and remediate missing, broken, and noisy detections, enabling a proactive, threat-informed defense tied to the risks most relevant to them.
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.
The CardinalOps security research team collaborates with MITRE to strengthen ATT&CK, describing new ways in which adversary groups like LAPSUS$ hijack corporate email systems such as Office 365, Microsoft Exchange, and Google Workspace.
CardinalOps contributes to the latest version of MITRE ATT&CK, providing recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar and Sumo Logic, to combat cyber adversaries abusing email rules during attacks.
Ransomware threat actors target energy companies due to significant profits and a high number of remote access connections that can be exploited via weak or stolen credentials or VPN vulnerabilities.
CardinalOps CEO on How Detection Posture Management Finds, Remediates Security Gaps SOCs are facing increased challenges due to the ever-growing complexity of infrastructure and technology, which expands the attack surface. CardinalOps CEO Michael Mumcuoglu said
Enables detection-in-depth by enumerating how many layers in your attack surface (endpoint, network, cloud, email, IAM, etc.) are covered for a given technique.