@CardinalOps profile picture
CardinalOps @CardinalOps

Detection Posture Management

Joined March 2021
  • Tweets 244
  • Following 108
  • Followers 91
122 Photos and videos
When detections work: • Incidents are faster to triage • Analysts trust alerts • Leadership trusts metrics It’s not flashy — but it’s powerful. Detection engineering is the quiet advantage behind high-performing SOCs. #SOCExcellence #DetectionEngineering #InfoSec
33
You can’t defend what you don’t detect. Coverage gaps hide in: • Untested detections • Deprecated rules • Environment changes CardinalOps helps teams continuously uncover and close detection gaps before attackers find them first. #ThreatCoverage #DetectionEngineering
20
Security teams don’t fall behind because they lack tools. They fall behind because detections don’t work when it matters. Detection engineering isn’t a “nice to have” anymore — it’s the foundation of a modern, effective SOC. #DetectionEngineering #SOC #SecOps #InfoSec
1
22
Detection engineering isn’t a one-time project. It’s a continuous practice. Threats evolve. Environments change. Detections must keep up. CardinalOps helps teams operationalize detection engineering at scale — across SIEM, EDR, and data lakes. #SecOps #InoSec #SIEM
1
16
The future of Exposure Management is here .... We’re introducing Cardinal AI, the agentic capabilities powering the CardinalOps Unified Exposure Management platform. We'll be showcasing Cardinal AI at #BlackHat at booth 5821 See full announcement here: hubs.li/Q03zw4NF0
0:20
1
64
CardinalOps will be at #Infosec2025 next week! Book a meeting with us, visit our booth or join us in the Cyber 100 Club. hubs.li/Q03pLHp80
30
😠 False positives aren’t just annoying. They’re corrosive. Read the latest blog post from @CardinalOps Security Researcher @koifsec – "The Analyst Who Cried Malware: Rethinking False Positives and Alert Fatigue" hubs.li/Q03pxtZZ0 #infosec #TDIR #detectionengineering

The Analyst Who Cried Malware: Rethinking False Positives and Alert Fatigue - CardinalOps

False positives are failures in rule design. This post dives into their causes and explores detection best practices to avoid alert fatigue.

cardinalops.com
34
🤖 Polymorphic AI Malware ☠️ What is it? Why does it matter? (And more importantly) How can you build effective detections for it? hubs.li/Q03nsbFH0

Polymorphic AI Malware: A Real-World POC and Detection Walkthrough - CardinalOps

Polymorphic AI malware dynamically generates its own code and modifies its appearance, fundamentally changing how threats are created and detected.

cardinalops.com
26
We can't wait to be at #Infosec2025 this year! Make sure you know where to find our team between the busy expo hall, Cyber 100 Club and expert meetings. hubs.li/Q03nldLc0
31
⏳ It’s the final countdown for RSAC 2025! Check out our inaugural #RSAC conference “Hype Guide” to preview hot topics, prepare to navigate the chaos of the expo, and make sure you don’t miss the best booths and swag giveaways. hubs.li/Q03jLYTf0

The CardinalOps RSA Conference 2025 Hype Guide - CardinalOps

Get an in-depth preview of the year's biggest industry event with our hype guide to the 2025 RSA conference.

cardinalops.com
34
Reduce threat exposure with security controls optimization. 💻 Visit us at booth #4504 in the North Hall to see for yourself 👟 Crack the code at our booth and win a custom pair of Nikes 🍹 Join CardinalOps GuidePoint at The Grand on Mon, Apr 28 hubs.li/Q03hylBX0
31
👟 Step Up Your Security and Win Custom Nike Sneakers at RSAC 👟 🔒 The @CardinalOps booth will feature a secure lockbox with a pair of custom Nikes inside 🔢 Think you have what it takes to crack the code? Stop by booth #4504 for your chance to win and customize your own pair.
37
Looking to sharpen your detections? Anchor them on immutable artifacts: 🎯 Detect intent, not syntax 🗺️ Map to behavior, not branding 🛠️ Create detections that will still matter when TTPs evolve Check out our latest post from @Koifsec: hubs.li/Q03gtq9t0 #infosec #TDIR

Detection, Evasion, and the Pursuit of Immutable Artifacts - CardinalOps

In detection, immutable artifacts are the unchangeable traces of attacker activity, no matter the tool, technique, or obfuscation.

cardinalops.com
1
1
76
Is your #RSAC25 schedule set? 💻 Visit us at booth #4504 in the North Hall 👟 Crack the code at our booth and win a custom pair of Nikes 🍹 Join CardinalOps GuidePoint at The Grand on Mon, Apr 28 hubs.li/Q03g6wKb0

RSA 2025 - CardinalOps

Meet CardinalOps at RSAC 2025 Booth #4504 | North Hall Control Your Threat Exposure Visit CardinalOps at RSAC 2025 at Booth #4504 in the North Hall to see how we help security teams optimize both

cardinalops.com
16
You know the saying “don’t lose the forest for the trees” 🌲 But on tough excursions, knowing specific terrain is incredibly valuable. Similarly, monitoring granular metrics in tandem with ones like MTTR ensures your team can see the forest AND the trees hubs.li/Q03fbBBQ0

Monitoring Granular SOC Metrics: Peak Network Traffic and Initial User Logins  - CardinalOps

Get an overview of SOC threat monitoring use cases for metrics covering peak network traffic and initial user logins.

cardinalops.com
9
What’s the most powerful threat detection tool in Google SecOps SIEM? If you ask @KoifSec it's the ability to create metrics within YARA-L rules. Check out Daniel’s post for an overview of YARA-L metrics function parameters: hubs.li/Q03dNwYK0

Leveraging Metrics in Google SecOps SIEM for Enhanced Threat Detection - CardinalOps

Learn how to create metrics in Google SecOps SIEM, with an overview of YARA-L function parameters and two examples: monitoring network bytes and first-seen logins.

cardinalops.com
1
1
42
Surrounded by risky threat exposures? 🦈🚣‍♂️ You are not alone! CardinalOps is your lifeline - prioritize & remediate gaps before threats strike. Learn more: hubs.li/Q03cs0JK0 #CTEM #MITREATTACK #ThreatExposureManagement #detectioncontrols #preventioncontrols
19
Detection Prevention = Stronger Defense! Join Dr. Anton Chuvakin & Jay Lillie at SANS Cyber Solutions Fest to explore bridging detection & prevention with MITRE ATT&CK. 📅 3/19 | 2:25-2:55 PM ET 🔗 hubs.li/Q03bPRdX0 #MITREATTACK #Detection #Prevention #CTEM
20
Prioritizing threats w/o context wastes time & resources. Missing piece? Compensating controls. Without full visibility, teams risk fixing the wrong issues. 📽️ Watch Michael Mumcuoglu, CardinalOps CEO, break it down. #CTEM #ThreatExposureManagement
1:30
20
#Threatintel is only useful if you know which sources to trust & how to apply them. Join experts from CardinalOps, CrowdStrike & RiskHorizon Tomorrow, 3/11 @ 1 PM EST to learn how to turn intel into action. hubs.li/Q03b5zXp0 #DetectionEngineering #ThreatExposureManagement
18
Load more