How Should My Security Analyst Use the MITRE ATT&CK Framework?
ATT&CK lets you communicate with peers about attackers and the kill chain. Ensure you have detections for “crown jewel” assets such as endpoints and the cloud.
Ponemon data shows more than 80% of security professionals rate the complexity of their SOC as very high, and less than 40% assess their SOC as highly effective.
CardinalOps protects some of the world’s most complex organizations, including an F50 consumer products company, a top 10 global law firm, and a leading MDR/MSSP.
The security industry is building more and more tools to help organizations protect themselves, but the problem is that complexity is growing exponentially.
Founded in 2020, CardinalOps is led by entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, and IBM Security.
Provides recommendations prioritized according to your coverage and infrastructure.
Many attacks are successful not because companies don’t have good security products, but because they don’t use them effectively.
The CardinalOps platform helps SOC teams close coverage gaps. Industry veteran Phil Neray has also been named CMO and VP of Cyber Defense Strategy.
MITRE ATT&CK is one of the preeminent repositories of attack methodologies used by major threat actors. But SIEMs cover only 16% of techniques in MITRE ATT&CK.
25% of SIEM rules are broken and will never fire, due to fields that are not extracted correctly or log sources that are not sending the required data.
In a recent SC Media column, Michael Mumcuoglu, CEO of CardinalOps, wrote about how continuous improvement techniques can help CISOs more effectively manage the growing threat landscape and improve the visibility and effectiveness of their
I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it’s behind a paywall called “CSO Perspectives,” but this blog post is intended to summarize the key