CardinalOps Announces Funding Round With Viola Ventures, Battery Ventures, Glilot Capital, Symbol
Provides recommendations prioritized according to your coverage and infrastructure.
-
-
CardinalOps Secures $17.5 Million Series A to Map Cyber Threats
Many attacks are successful not because companies don’t have good security products, but because they don’t use them effectively.
-
CardinalOps Raises $17.5 Million for Threat Coverage Optimization Platform
The CardinalOps platform helps SOC teams close coverage gaps. Industry veteran Phil Neray has also been named CMO and VP of Cyber Defense Strategy.
-
SIEM Rules Ignore Bulk of MITRE ATT&CK Framework
MITRE ATT&CK is one of the preeminent repositories of attack methodologies used by major threat actors. But SIEMs cover only 16% of techniques in MITRE ATT&CK.
-
Research: Enterprise SIEMs Unprepared for 84% of MITRE ATT&CK Tactics and Techniques
25% of SIEM rules are broken and will never fire, due to fields that are not extracted correctly or log sources that are not sending the required data.
-
What CISOs Don’t Know About Their SOCs
In a recent SC Media column, Michael Mumcuoglu – CEO of CardinalOps, wrote how continuous improvement techniques can help CISOs more effectively manage the growing threat landscape and improve the visibility and effectiveness of their
-
Why MITRE ATT&CK Has Taken Over the SOC World
I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it’s behind a paywall called “CSO Perspectives,” but this blog post is intended to summarize the key
-
Leveraging AI and Automation with MITRE ATT&CK to Eliminate Detection Coverage Gaps in Your SOC
At Black Hat 2022, our VP of Cyber Defense Strategy was interviewed on Security Guy TV to discuss why MITRE ATT&CK has become a standard way of describing your defensive posture to management as well
-
SIEM Detections for Okta PassBleed (Splunk, Microsoft Sentinel, IBM QRadar, Sumo Logic)
Summary This blog post summarizes new password stealing and impersonation risks recently discovered for Okta, along with recommended SIEM detection rules and associated MITRE ATT&CK techniques for SIEM solutions including Splunk, Microsoft Sentinel, IBM QRadar,
-
Splunk and other SIEM detections for Follina, a clever MS-Office 0-day
Summary This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, along with associated MITRE
-
Enterprise SIEMs Detect Fewer Than 5 of Top 14 MITRE ATT&CK Adversary Techniques Used in the Wild
“Organizations need to become more intentional about detection in their SOCs. What should we detect? Do we have use cases for those scenarios? Do they actually work? Do they help my SOC analysts effectively triage
-
Dr. Anton Chuvakin answers questions about SIEM, EDR, and XDR — from our recent SANS webinar on the future of SIEM
Dr. Anton Chuvakin Discusses “20 Years of SIEM – What’s Next?” Learn what Dr. Anton Chuvakin, Head of Security Solution Strategy at Google Cloud and former Gartner Research VP, has to say about questions like: