Advanced SOC Operations / CSOC , Events , Next-Generation Technologies & Secure Development

Using DPM and MITRE ATT&CK to Improve SOC Effectiveness

CardinalOps CEO on How Detection Posture Management Finds, Remediates Security Gaps
Michael Mumcuoglu, co-founder and CEO, CardinalOps

SOCs are facing increased challenges due to the ever-growing complexity of infrastructure and technology, which expands the attack surface. CardinalOps CEO Michael Mumcuoglu said the MITRE ATT&CK Framework has "upped the game" by allowing SOC operators to "talk the same language" about attacker techniques, and now CardinalOps is using detection posture management in concert with the framework to identify and remediate coverage gaps in common SIEM platforms such as Splunk, Microsoft Sentinel, IBM QRadar, and Google Chronicle SIEM.

Detection posture management offers a proactive, systematic approach to continuously measuring MITRE ATT&CK coverage, developing new detections to remediate gaps based on business priorities, and building a threat-informed defense, Mumcuoglu said, and it uses automation and analytics, which he said are required to deliver improved effectiveness.

In this video interview with Information Security Media Group at RSA Conference 2023, Mumcuoglu also discusses:

  • Showing the board how risk is being reduced over time by maximizing the effectiveness of existing security investments;
  • Using automation to "empower" staff by taking away redundant manual labor;
  • How CardinalOps is pioneering the use of detection posture management.

Mumcuoglu and the CardinalOps team have built a detection engineering platform to help organizations maximize threat coverage by better leveraging existing security tools. He previously co-founded and was CTO of LightCyber, which was acquired by Palo Alto Networks in 2017.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.