Resources

CSO

Newsroom

Colonial Pipeline raised visibility for mitigations like network segmentation, which MITRE ATT&CK (M1030) categorizes as essential to preventing access to safety-critical systems.

The Record

Admins need PowerShell, so the NSA is simply being realistic in recommending not to disable it but instead to continuously monitor for suspicious behavior (MITRE ATT&CK T1059).

Dark Reading

Lebanese APT uses MITRE ATT&CK T1133. Recommended mitigations: create SIEM detection queries to examine authentication logs for unusual access patterns.

SC Media

SIEMs not detecting a huge percentage of MITRE ATT&CK. Analytics and automation can make the SOC more effective and enable better utilization of the existing security stack.

Dice

Lessons from Colonial Pipeline ransomware attack: Eliminate monitoring blind spots in your SOC using MITRE ATT&CK

Enterprise Security Tech

Enterprise SIEMs are Missing Detections for 4 out of 5 of All MITRE ATT&CK Techniques

BetaNews

Enterprise SIEMs fall short on detecting attacks, based on analysis of MITRE ATT&CK coverage for production SIEMs

CardinalOps

Data Shows Enterprise SIEMs Detect Fewer Than 5 of the Top 14 MITRE ATT&CK Adversary Techniques Used in the Wild

Security Magazine

What the SolarWinds lawsuit teaches boards and management teams about cybersecurity standards of due care

Security Boulevard

Why going after MSPs is an increasingly common type of supply chain attack

Security Magazine

Using standards like MITRE ATT&CK and VERIS to develop a common language and taxonomy about cyberattacks

Security Boulevard

Use MITRE ATT&CK to ensure you have detections for the latest adversary techniques employed by Chinese attackers such as DeepPanda

SC Media

Modern SOCs need AI-powered automation to address constant change in threats and business priorities — plus an exponential increase in complexity

Dice

Or Saya, cybersecurity architect at CardinalOps, describes what it takes to become an information security analyst in today's hot job market

SC Media

Remediation advice emerges for Spring4Shell vulnerability

TheStreet

Industrial control systems remain juicy targets because they typically don't have the same level of security monitoring as corporate IT networks

CPO Magazine

Most high-profile attacks are the result of poor security practices such as having a high number of open remote access ports accessible from the internet (Colonial Pipeline)

VentureBeat

Most high-profile attacks are the result of poor security practices such as insufficient monitoring to detect suspicious activities (OPM breach)

Datamation

Top SIEM Trends in 2022

SANS

CardinalOps Sponsors SANS Webinar with Dr. Anton Chuvakin on "The Future of SIEM"

Security Boulevard

Lapsus$ could very well be the next big supply chain attack

Dark Reading

How Should My Security Analyst Use the MITRE ATT&CK Framework?

Dark Reading

CardinalOps identifies and remediates gaps in threat detection coverage, powered by AI

CardinalOps

CardinalOps Raises $17.5M Series A on Market Traction with Global Enterprise Customers and MSSPs/MDRs

VentureBeat

Working smarter, not harder to optimize your SIEM/XDR

Channel Futures

Helping MSSPs/MDRs scale while supporting multiple SIEM/XDR platforms with limited staff

Geektime

No matter how many cybersecurity solutions you have, you are probably not using them optimally — and this startup wants to fix it

Calcalist CTech

CardinalOps secures $17.5 million Series A to map cyber threats

SecurityWeek

CardinalOps Raises $17.5 Million for Threat Coverage Optimization Platform

SC Media

SIEM rules ignore bulk of MITRE ATT&CK framework, placing risk burden on users

CPO Magazine

SIEM Rules’ Threat Coverage Is Far Less Than What’s Expected; 84% of MITRE ATT&CK Threats Are Not Covered

CardinalOps

Research: Enterprise SIEMs Unprepared for 84% of MITRE ATT&CK Tactics and Techniques

VentureBeat

Report: 80% of cyberattack techniques evade detection by SIEMs, based on configuration data from real-world production SIEM instances

Introducing CardinalOps Threat Coverage Optimization Platform

Threat Coverage Gap Analysis
  • Identify actual coverage vs. MITRE ATT&CK
  • Identify missing and broken rules 
  • Identify missing and incomplete log sources
  • Real-time Threat Coverage Metric
Organization Specific AI-based Recommendations
  • Asset-based priorities
  • Threat Intel priorities
  • Log-source priorities
  • Peer-based priorities
  • Custom priorities (optional)
Safe Deployment
  • Continuous impact analysis (before, during and after deployment)
  • Inspired by DevOps CI/CD processes, TCO embraces agile methodologies