CardinalOps
  • Most Enterprise SIEMs Fail Against MITRE ATT&CK Tactics


    Enterprise SIEMs already ingest sufficient data to cover 94% of all MITRE ATT&CK techniques. Organizations don’t need to collect more data but rather scale detection engineering processes to develop more detections, faster.

  • Enterprises Missing Detections for Around Three-Quarters of all Adversary Techniques


    CardinalOps recently released the Third Annual Report on the State of SIEM Detection Risk which found enterprise SIEMs are missing detections for around three-quarters of all techniques that adversaries use to execute cyberattacks.

  • Enterprises Unprepared to Defend Against MITRE ATT&CK Techniques


    Enterprises lack detections for more than three-quarters of all MITRE ATT&CK techniques, while 12% of SIEM rules are broken and will never fire due to data quality issues including misconfigured data sources and missing fields.

  • Study Reveals Alarming Gap in SIEM Detection of Adversary Techniques


    The CardinalOps’ 2023 Report on State of SIEM Detection Risk showed that SIEMs can only detect 24% of the techniques listed in MITRE ATT&CK, leaving organizations vulnerable to ransomware attacks, data breaches and other cyber threats.

  • CardinalOps Report Finds Broken Rules in SIEM Systems Increase Cyberattack Risks


    “These findings illustrate a simple truth: Most organizations don’t have good visibility into their MITRE ATT&CK coverage and are struggling to get the most from their existing SIEMs,” said CardinalOps co-founder and CEO Michael Mumcuoglu.

  • Most Enterprise SIEMs Blind to MITRE ATT&CK Tactics


    Researchers from CardinalOps analyzed data from production SIEM platforms from companies such as Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, and found that they have detections for just 24% of all MITRE ATT&CK techniques.

  • Enterprise SIEMs Miss 76% of all MITRE ATT&CK Techniques Used by Adversaries


    CardinalOps’ third annual report analyzes real-world data from production SIEMs covering nearly 4,000 detection rules across diverse industry verticals. If you’re looking to benchmark your SIEM with respect to its MITRE ATT&CK coverage and rule

  • 2023 Report on State of SIEM Detection Risk


    In our third annual report, CardinalOps set out to gain visibility into the current state of use case development and threat detection coverage in enterprise SOCs. We analyzed, aggregated and anonymized data from production SIEM

  • CardinalOps Sponsors SANS Webinar with Former ArcSight Chief Architect Ken Tidwell on “The Future of Risk-Based Detection”


    CardinalOps, the detection posture management company, is sponsoring a live SANS webinar to help today’s Security Operations teams implement a risk-based detection strategy to address modern threats and a quickly expanding attack surface.

  • SANS 2023 SOC Survey


    Download the 2023 SOC Survey from the SANS Institute to gain insights from active SOC managers and analysts around best practices for running a SOC.

  • Cybersecurity Summer Reading: 11 Books to Boost Your Career


    Phil Neray, VP of Cyber Defense Strategy at CardinalOps, suggests adding “Cybersecurity First Principles: A Reboot of Strategy and Tactics” by Rick Howard to your summer reading list. You’ll get a practitioner’s point-of-view on security principles.

  • SOC Meets Cloud: What Changes and What Stays the Same?


    Michael Mumcuoglu, CEO & co-founder of CardinalOps, explores critical questions facing security operations center (SOC) leaders charged with supporting their organization’s migration to a cloud operation model and their digital transformation initiatives.
