The Model Context Protocol (MCP) enables seamless integration between large language models (LLMs) and external tools. It powers agent-driven workflows in platforms like Claude Desktop and GitHub Copilot. Typically, developers use MCP servers to expose
Introducing Autonomous, Targeted Mitigations via Compensating Controls BOSTON and TEL AVIV, Israel, July 29, 2025 /PRNewswire/ — CardinalOps, the leading Unified Exposure Management platform, today announced the launch of Cardinal AI, a new suite of artificial intelligence capabilities designed to
Download this detection engineering workshop with CardinalOps Security Researcher, Daniel Koifman, to reinforce the best practices recommended in our 2025 State of SIEM Detection Risk Report. In this recording, SOC leaders and practitioners will get
Is the “intelligence” in Threat Intelligence actually a misnomer? Intelligence implies analyzing and interpreting raw, unprocessed information to make decisions and solve problems. Information becomes intelligence when it’s actionable. That’s the missing gap with most
When writing detections based on threat reports, research blogs or other sources, common sense dictates that we should find a way to alert on the malicious actions as best as possible, ideally using TTPs. This
Traditional vulnerability management is great at telling you what’s broken–just ask the team managing your neverending backlog of vulnerability findings. But it’s not great at incorporating context on your specific threat landscape and attack surfaces.
IT and security teams have been pushed for years: just patch faster. Automate remediation. Chip away at that vulnerability backlog (and do it quickly). But speed isn’t the only problem, context matters too. It’s critical
In a perfect world, you’d have enough time and resources to address every vulnerability and exposure. You could carefully implement tailored remediations that address specific security gaps. Patches would have little to no impact on
Security teams aren’t just asking “are we vulnerable?” anymore. They’re asking, “Where are we exposed…. and what can we do about it before something happens?” That’s the future Gartner lays out in their June 2025
Download this webinar to explore findings from the 2025 State of SIEM Detection Risk Report and learn how to implement best practices aligned to the report’s key takeaways. In this recording, Dr. Anton Chuvakin, Senior
In our fifth annual report, CardinalOps analyzed a range of production SIEM environments to evaluate the coverage, health and overall performance of enterprise threat detection programs. This report includes the data of 13,000 detection rules
Detection engineering isn’t just about finding bad behavior. It’s about understanding how attackers appear normal—on accident or by design. Some of the most successful evasion techniques don’t involve zero-days or encryption. They rely on you writing