CardinalOps Expands SOC Detection Management Platform to Enable Operationalization of MITRE ATT&CK Across Diverse SOC Tools

News provided by

CardinalOps

20 Sep, 2022, 16:00 IDT

CardinalOps platform extended to support log management and EDR solutions, building on current SIEM support

TEL-AVIV, Israel and BOSTON, Sept. 20, 2022 /PRNewswire/ -- CardinalOps, the AI-powered detection engineering company, today announced that its SOC detection management platform is being extended to support CrowdStrike's latest centralized logging offering, Falcon LogScale, Microsoft Defender for Endpoint, and VMware Carbon Black Endpoint, in addition to its current support for major SIEMs including Splunk, Microsoft Sentinel, and IBM QRadar.

CardinalOps uses AI and automation to address some of the biggest complexity headaches that organizations have in managing their SOC detection solutions, without requiring them to walk away from the significant investments they've made in their existing security stacks. The company's SaaS platform:

  • Provides a visual MITRE ATT&CK heat map with metrics to track and report on ATT&CK coverage across all of an organization's SIEM/EDR/XDR detection solutions, for both custom and out-of-the-box detections.
  • Maximizes MITRE ATT&CK coverage by delivering high-fidelity detections for the ATT&CK techniques most relevant to the organization's business priorities and infrastructure – including for the latest high-profile threats and vulnerabilities – that are automatically customized to the organization's environment.
  • Eliminates hidden detection gaps organizations may not even know they have by continuously auditing their detection solutions to identify broken, noisy, and missing rules that can be automatically remediated with a single click. Additionally, the platform identifies misconfigured data sources and recommends new log sources that can be onboarded to remove control gaps.

"CISOs and SOC leaders understand they need a holistic and continuously-updated view of their MITRE ATT&CK coverage across SOC tools to confidently answer questions like 'How prepared are we to detect the highest priority threats?' – but they're still relying on spreadsheets and manual tagging to understand their current posture, plus manual detection engineering processes and limited staff resources to improve it over time," said Michael Mumcuoglu, CEO and co-founder of CardinalOps. "Our mission is to dramatically simplify and accelerate our customers' processes around operationalizing MITRE ATT&CK to reduce risk. Our vision is to give customers a continuous and comprehensive view of their MITRE ATT&CK coverage across all core SOC solutions, along with automation and analytics to rapidly eliminate detection coverage gaps that leave them exposed."

CardinalOps will be demonstrating its Falcon LogScale offering at Fal.con 2022, CrowdStrike's annual event for customers and industry professionals, taking place on September 19-21 in Las Vegas. You can visit their booth (#9K) located in the "New Innovators" pavilion at the Fal.con Hub exhibition. 

About CardinalOps
Most security vendors pitch you on replacing your stack or adding new monitoring tools to it. CardinalOps has a more practical and pragmatic approach. The CardinalOps SaaS platform uses AI and automation to maximize MITRE ATT&CK coverage for your existing security stack and eliminate hidden detection gaps you may not even know you have. Setup takes less than an hour because there are no agents to deploy and it easily connects via the native APIs of your SIEM/EDR/XDR. What's more, it has the added advantage of boosting your detection engineering team's productivity 10x compared to manual processes.

Founded in 2020, CardinalOps is led by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others. The company's advisory board includes Dr. Anton Chuvakin, Security Advisor in the Office of the CISO at Google Cloud; Dan Burns, former Optiv CEO and founder of Accuvant; and Randy Watkins, CTO of Critical Start. Learn more at https://www.cardinalops.com/.

Contact details

For CardinalOps
Nathaniel Hawthorne for CardinalOps
Lumina Communications
(661) 965-0407
[email protected]

SOURCE CardinalOps