Detection Posture Management Archives

Detection Engineering Best Practices for Implementing a Threat-Informed Defense

In this paper, SANS Director of Emerging Security Trends, John Pescatore, compiles data from the recent SANS survey of 267 cybersecurity professionals to determine the state of practice in detection engineering.

CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release

CardinalOps, the detection posture management company, announced today that it contributed updates to the latest version of MITRE ATT&CK, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Security Layers — Measuring MITRE ATT&CK Detection Coverage Across Your Entire Attack Surface, Linked to Business Outcomes

If you’re like most of us in the defender community, you’re probably tired of seeing all the colored heat maps used to represent MITRE ATT&CK detection coverage.

Detecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk, IBM QRadar & Microsoft Sentinel

Summary Discovered by the Ukrainian CERT and attributed to APT28 (aka Fancy Bear or Strontium, the Russian GRU threat actor), CVE-2023-23397 is being actively exploited in targeted attacks against government, transportation, energy, and military sectors

State of Identity Podcast Episode 320: Detection Posture Management

Recently Phil Neray, VP of Cyber Defense Strategy at CardinalOps, was invited to join the State of Identity Podcast for a conversation on the latest cybersecurity threats and why orchestration is the key to a