  • Security Layers — Measuring MITRE ATT&CK Detection Coverage Across Your Entire Attack Surface, Linked to Business Outcomes

    If you’re like most of us in the defender community, you’re probably tired of seeing all the colored heat maps used to represent MITRE ATT&CK detection coverage.

  • Detecting Microsoft Outlook Vulnerability CVE-2023-23397 in Splunk, IBM QRadar & Microsoft Sentinel

    Summary: Discovered by the Ukrainian CERT and attributed to APT28 (aka Fancy Bear or Strontium, the Russian GRU threat actor), CVE-2023-23397 is being actively exploited in targeted attacks against government, transportation, energy, and military sectors

  • CardinalOps CEO Discusses the State of Today’s SOC Teams on Silo Busting Podcast

    Michael Mumcuoglu, CEO and Founder of CardinalOps, recently joined the EPAM Continuum podcast, Silo Busting, for a discussion assessing the state of today’s SOC teams. Also featured on the podcast were Sam Rehman, EPAM’s Chief

  • State of Identity Podcast Episode 320: Detection Posture Management

    Recently Phil Neray, VP of Cyber Defense Strategy at CardinalOps, was invited to join the State of Identity Podcast for a conversation on the latest cybersecurity threats and why orchestration is the key to a

  • CardinalOps Named as Winner in 2023 Cybersecurity Excellence Awards for Detection Posture Management

    TEL-AVIV, Israel and BOSTON, March 9, 2023 — CardinalOps, the detection posture management company, today announced that the 2023 Cybersecurity Excellence Awards have selected the CardinalOps platform as gold winner of the Continuous Detection Posture Management (CDPM) category. Past

  • How Detection Posture Management Can Help CISOs Track the Right Metrics

    In a recent SC Media column, Michael Mumcuoglu, CEO of CardinalOps, writes that instead of manually identifying gaps in MITRE ATT&CK coverage, the process should be automated so that security teams always have a clear

  • What CISOs Don’t Know About Their SOCs

    In a recent SC Media column, Michael Mumcuoglu, CEO of CardinalOps, wrote about how continuous improvement techniques can help CISOs more effectively manage the growing threat landscape and improve the visibility and effectiveness of their

  • Why MITRE ATT&CK Has Taken Over the SOC World

    I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it’s behind a paywall called “CSO Perspectives,” but this blog post is intended to summarize the key

  • Leveraging AI and Automation with MITRE ATT&CK to Eliminate Detection Coverage Gaps in Your SOC

    At Black Hat 2022, our VP of Cyber Defense Strategy was interviewed on Security Guy TV to discuss why MITRE ATT&CK has become a standard way of describing your defensive posture to management as well

  • SIEM Detections for Okta PassBleed (Splunk, Microsoft Sentinel, IBM QRadar, Sumo Logic)

    Summary: This blog post summarizes new password stealing and impersonation risks recently discovered for Okta, along with recommended SIEM detection rules and associated MITRE ATT&CK techniques for SIEM solutions including Splunk, Microsoft Sentinel, IBM QRadar,

  • Splunk and other SIEM detections for Follina, a clever MS-Office 0-day

    Summary: This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, and Sumo Logic, along with associated MITRE

  • Enterprise SIEMs Detect Fewer Than 5 of Top 14 MITRE ATT&CK Adversary Techniques Used in the Wild

    “Organizations need to become more intentional about detection in their SOCs. What should we detect? Do we have use cases for those scenarios? Do they actually work? Do they help my SOC analysts effectively triage

©2023 CardinalOps