CardinalOps’ third annual report analyzes real-world data from production SIEMs covering nearly 4,000 detection rules across diverse industry verticals If you’re looking to benchmark your SIEM with respect to its MITRE ATT&CK coverage and rule
Join us on September 28 at 11:00 am EDT to learn from Javier García Quintela, Repsol’s Global CISO, as he shares strategies to mitigate risks of ransomware, breaches, and insider threats using automation and analytics.
“It’s not surprising that nation-state attackers were able to break into the network of a Russian design bureau so they could exfiltrate sensitive information,” said Phil Neray, vice president of Cyber Defense Strategy at CardinalOps.
Phil Neray of CardinalOps suggests that “organizations should protect themselves by implementing granular monitoring with detections that cover all of these adversary techniques and look for unusual or unauthorized access to backups.”
A skilled, high-profile Cuban ransomware group employed “29 different MITRE ATT&CK techniques as they navigated the kill chain from initial access to defense evasion and lateral movement,” according to Phil Neray of CardinalOps.
Phil Neray of CardinalOps describes the Aqua Nautilus vulnerability persisting within the PowerShell Gallery as “a classic supply-chain challenge when using open source code…” Neray offers an approach to help prevent attacks.
The latest LOLBAS attacks are “innovative” and “difficult to detect” according to Phil Neray, VP of Cyber Defense Strategy at CardinalOps. Detection will require “machine learning that figures out how to spot suspicious activity.”
Black Hat Webinar Executive Summary It probably comes as no surprise that most organizations already conduct the majority of their computing in the cloud. In fact, according to the “State of Cloud Threat Detection and Response”
The Gately Report: Black Hat USA Edition highlighted Gartner’s recognition of CardinalOps as a Sample Vendor for automated security controls assessment (ASCA) as a “revenue opportunity for partners in many different ways.”
Join us on August 22nd at 1:00 pm EDT for this SANS webinar. Led by Dr. Anton Chuvakin, we’ll explore the pros and cons of log centralization and decentralization for SIEMs and DFIR.
Gartner concludes that “Organizations implementing ASCA processes and technologies enhance staff efficiency, minimize the impact of human errors and improve resilience in the face of organizational churn.”
CardinalOps, the detection posture management company, has been recognized as a Sample Vendor in two prestigious Gartner Hype Cycles – Gartner Hype Cycle for Security Operations, 2023 and Gartner Hype Cycle for Workload and Network
Read this complimentary report from Gartner® – Hype Cycle for Security Operations for 2023. Learn about Automated Security Control Assessment and how it can strengthen your security posture.