CardinalOps Sponsors SANS Webinar with Former ArcSight Chief Architect Ken Tidwell on "The Future of Risk-Based Detection"

News provided by

CardinalOps

Jun 15, 2023, 09:00 ET

TEL-AVIV, Israel and BOSTON, June 15, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, is sponsoring a live SANS webinar to help today's Security Operations teams implement a risk-based detection strategy to address modern threats and a quickly expanding attack surface.

Recent industry research shows a sobering snapshot into the detection gaps that SecOps teams are grappling with. According to CardinalOps 2022 State of SIEM Detection Risk Report, enterprise Security Information and Event Management (SIEMs) only cover 20% of all the adversary techniques in the MITRE ATT&CK framework. Mandiant's 2022 M-Trends Special Report revealed that it takes an average of 21 days to detect a successful cyberattack and only an average of 92 minutes for threat actors to move laterally across a compromised network.

To hear what the experts are saying, join former Chief Architect at ArcSight Ken Tidwell and CardinalOps VP of Cyber Defense Strategy Phil Neray as they discuss how to:

  • Incorporate risk-based detection to reduce noise and quickly respond when time is a limiting factor.
  • Operationalize MITRE ATT&CK to build a threat-informed defense and establish risk-based metrics.
  • Enrich alerts with internal business context for increased actionability, less time spent on investigations, and better utilization of existing staff.

WHAT: SANS webinar featuring Phil Neray and Ken Tidwell

WHEN: June 20, 2023 at 3:30 PM EDT

REGISTER: SANS website (you must create a free account to register – register even if you can't attend and SANS will send you a link to the recording after the event)

About Ken Tidwell
Ken Tidwell has been involved with software startups for 40 years. He has been everything from a lowly intern to president. Most notably, Ken was the chief architect at ArcSight when the concept of a SIEM was first developed and contributed many of the ideas still found in SIEMs two decades later. He also led the ArcSight content team and was head of the correlation team, where he built the rule engine, report generation engine, and dashboards. The ArcSight correlation team built the first high-speed, high-throughput, time sequence-oriented rules engine. The team also built innovative engines for report generation – dealing with the automatic creation of long term aggregates to assist with periodic reporting – and a dashboard engine. The team also developed the first pattern discovery engine for security event streams.

Most recently, Ken co-founded FactorChain to build tools to assist in incident response and investigation. FactorChain was acquired by Sumo Logic, where Ken assisted in developing security analytics for their SIEM offering.

Other roles have included being head of user interface for one of the first commercial object-oriented AI development environments, and building the first instance of a Java-based micro-service architecture.

About Phil Neray
Phil Neray is VP of Cyber Defense Strategy at CardinalOps. With 20+ years of cybersecurity experience, Phil comes to CardinalOps from Microsoft Security, which he joined after the acquisition of CyberX, an early innovator in IoT/OT security monitoring. He previously held executive roles at IBM Security/Q1 Labs, Guardium (acquired by IBM), Veracode, and Symantec. Phil has a BSEE from McGill University, is certified in cloud security (CCSK), and has a black belt in American Jiu-Jitsu.

About CardinalOps
Backed by security experts with nation-state expertise, the CardinalOps platform uses automation and MITRE ATT&CK to continuously ensure you have the right detections in place to prevent breaches, based on a threat-informed strategy. What's more, it improves detection engineering productivity by 10x and reduces the need to hire additional SOC personnel. Native API-driven integrations include Splunk, Microsoft Sentinel, IBM QRadar, Google Chronicle SIEM, CrowdStrike Falcon LogScale, and Sumo Logic. Learn more at cardinalops.com.

For Media Inquiries:
Nathaniel Hawthorne for CardinalOps
Lumina Communications
(661) 965-0407
[email protected]

SOURCE CardinalOps

21%

more press release views with 
Request a Demo

Also from this source

CardinalOps Launches Cardinal AI for Agentic Exposure Management

CardinalOps Launches Cardinal AI for Agentic Exposure Management

CardinalOps, the leading Unified Exposure Management platform, today announced the launch of Cardinal AI, a new suite of artificial intelligence...
Enterprise SIEMs Miss 79% of MITRE ATT&CK Techniques Used by Adversaries, According to CardinalOps' 5th Annual Report

Enterprise SIEMs Miss 79% of MITRE ATT&CK Techniques Used by Adversaries, According to CardinalOps' 5th Annual Report

CardinalOps, the unified threat exposure management company, today announced the release of its Fifth Annual Report on the State of SIEM Detection...
More Releases From This Source

Explore

High Tech Security

High Tech Security

Computer & Electronics

Computer & Electronics

News Releases in Similar Topics