CardinalOps
  • Enterprise SIEMs Miss 76% of all MITRE ATT&CK Techniques Used by Adversaries

    CardinalOps’ third annual report analyzes real-world data from production SIEMs covering nearly 4,000 detection rules across diverse industry verticals. If you’re looking to benchmark your SIEM with respect to its MITRE ATT&CK coverage and rule

  • A CISO’s Perspective on Improving SecOps Effectiveness

    Join us on September 28 at 11:00 am EDT to learn from Javier García Quintela, Repsol’s Global CISO, as he shares strategies to mitigate risks of ransomware, breaches, and insider threats using automation and analytics.

  • North Korean Attackers Penetrated Russian Rocket

    “It’s not surprising that nation-state attackers were able to break into the network of a Russian design bureau so they could exfiltrate sensitive information,” said Phil Neray, vice president of Cyber Defense Strategy at CardinalOps.

  • Cuba ransomware group observed exploiting high-severity Veeam bug

    Phil Neray of CardinalOps suggests that “organizations should protect themselves by implementing granular monitoring with detections that cover all of these adversary techniques and look for unusual or unauthorized access to backups.”

  • Cuba Ransomware Group Exploiting Veeam Flaw in Latest Campaign

    A skilled, high-profile Cuban ransomware group employed “29 different MITRE ATT&CK techniques as they navigated the kill chain from initial access to defense evasion and lateral movement,” according to Phil Neray of CardinalOps.

  • Critical Flaws in PowerShell Gallery Enable Malicious Exploits

    Phil Neray of CardinalOps describes the Aqua Nautilus vulnerability persisting within the PowerShell Gallery as “a classic supply-chain challenge when using open source code…” Neray offers an approach to help prevent attacks.

  • Using Automation to Hunt for the Elusive LOLBAS

    The latest LOLBAS attacks are “innovative” and “difficult to detect” according to Phil Neray, VP of Cyber Defense Strategy at CardinalOps. Detection will require “machine learning that figures out how to spot suspicious activity.”

  • Insights from the 2023 State of Cloud Threat Detection and Response Report

    Black Hat Webinar Executive Summary: It probably comes as no surprise that most organizations already conduct the majority of their computing in the cloud. In fact, according to the “State of Cloud Threat Detection and Response”

  • The Gately Report: Black Hat USA Edition

    The Gately Report: Black Hat USA Edition highlighted Gartner’s recognition of CardinalOps as a Sample Vendor for automated security controls assessment (ASCA) as a “revenue opportunity for partners in many different ways.”

  • The Future of Log Centralization for SIEMs and DFIR – Is the End Nigh?

    Join us on August 22nd at 1:00 pm EDT for this SANS webinar. Led by Dr. Anton Chuvakin, we’ll explore the pros and cons of log centralization and decentralization for SIEMs and DFIR.

  • CardinalOps Recognized in 2023 Gartner® Hype Cycle™ Report for Security Operations and in 2023 Gartner Hype Cycle Report for Workload and Network Security

    Gartner concludes that “Organizations implementing ASCA processes and technologies enhance staff efficiency, minimize the impact of human errors and improve resilience in the face of organizational churn.”

  • Gartner Identifies CardinalOps as a Sample Vendor for Automated Security Controls Assessment (ASCA)

    CardinalOps, the detection posture management company, has been recognized as a Sample Vendor in two prestigious Gartner Hype Cycles – Gartner Hype Cycle for Security Operations, 2023 and Gartner Hype Cycle for Workload and Network

  • Gartner® Report: Hype Cycle™️ for Security Operations, 2023

    Read this complimentary report from Gartner® – Hype Cycle for Security Operations for 2023. Learn about Automated Security Control Assessment and how it can strengthen your security posture.


Boost productivity 10x … Really?

CardinalOps’ detection posture management platform maximizes your MITRE ATT&CK coverage for the latest threats and eliminates hidden detection gaps which you may not even know you have. Setup takes less than an hour because there are no agents to deploy or appliances to configure, and it easily connects via the native APIs of your SIEM/XDR. What’s more, it helps boost your detection engineering team’s productivity 10x compared to manual processes.

Yes, really.


©2023 CardinalOps