CardinalOps, the detection posture management company, announced today that it was mentioned as a Sample Vendor in the Gartner Hype Cycle for Security Operations, 20231 as well as in the Gartner Hype Cycle for Workload and Network Security, 20232.
Gartner identified CardinalOps as a Sample Vendor for Automated Security Controls Assessment (ASCA). According to Gartner, “Automated security control assessment (ASCA) technologies reduce an organization’s attack surface caused by security configuration drift, poor defaults, excessive tuning to reduce false positive rates, and high administration staff turnover. ASCA improves the security posture by verifying the proper, consistent configuration of security controls, rather than simply verifying the existence of controls.”
Business Impact of ASCA
Gartner concludes that “Organizations implementing ASCA processes and technologies enhance staff efficiency, minimize the impact of human errors and improve resilience in the face of organizational churn. ASCA reduces security control configuration gaps that unnecessarily expose the organization to otherwise preventable attacks.”
Key Drivers
According to Gartner, “The volume of misconfigurations in security controls continues to grow with the increased complexity of environments, emerging threat vectors, the proliferation of new security tools, and the high turnover of administration staff, leading to a more exposed attack surface.”
To download a complimentary copy of the entire Gartner Hype Cycle for Security Operations, 2023 report, click here.
How CardinalOps Addresses ASCA and the SEC’s New Cybersecurity Rules
The CardinalOps platform uses specialized analytics and automation – with MITRE ATT&CK as the benchmark – to continuously identify and remediate security control gaps in existing enterprise SIEM/XDRs, including Splunk, Microsoft Sentinel, IBM QRadar, Google Chronicle SIEM, CrowdStrike Falcon LogScale, and Sumo Logic.
The SEC’s new cybersecurity rules (Regulation S-K Item 106) are particularly relevant to the ASCA category. In 10K reports, organizations are now required to describe their processes for “assessing, identifying, and managing material risks from cybersecurity threats” as well as to “describe the board of directors’ oversight of risks from cybersecurity threats and management’s role and expertise in assessing and managing material risks from cybersecurity threats.”
The CardinalOps platform enables organizations to assess risk and reduce their attack surfaces by continuously ensuring they have the right SIEM configuration controls in place to prevent breaches, based on threat intelligence and a threat-informed strategy.
In particular, the CardinalOps platform continuously:
- Assesses the organization’s security posture, using the standard MITRE ATT&CK framework as the benchmark, to support management and the board in managing risk.
- Identifies and helps remediate misconfigured detective controls and log sources, as well as noisy detections, that leave organizations exposed to ransomware and theft of sensitive data.
- Continuously reduces the attack surface by delivering new, deployment-ready detections to address critical control gaps and emerging threat vectors, based on organizational priorities (APTs, threat intelligence, crown jewels, etc.).
- Increases detection engineering productivity by 10x, reducing the need to hire additional SOC personnel and minimizing the impact of organizational churn and human error.
“We believe this validates the importance and value that organizations can realize by implementing an automated security controls assessment (ASCA) solution,” said Michael Mumcuoglu, CEO and Co-Founder of CardinalOps.
See us at Black Hat 2023
CardinalOps will be demonstrating its ASCA platform for detection posture management at Black Hat 2023 in Booth #2268. Join us on Wednesday, August 9th at 4pm PDT to get your complimentary, signed hardcover copy of “Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks” by Scott J. Shapiro, director of the Yale Cybersecurity Lab and the Yale Center for Law and Philosophy.
CardinalOps is also sponsoring Black Hat’s most highly-anticipated after-party, the Level Up party, alongside other industry leaders including ZeroFox, Snyk, VMWare, Guidepoint Security, and others. Join us for custom cocktails, amazing views of Las Vegas from atop the Delano Hotel, and a retro arcade with over 200 classic games like Zelda, Mario Kart, Donkey Kong, and more. Sign up here.
1Gartner, Hype Cycle for Security Operations, 2023, Jonathan Nunez, Andrew Davies, 20 July 2023
2Gartner, Hype Cycle for Workload and Network Security, 2023, Charlie Winckless, Feng Gao, 31 July 2023
Gartner is a registered trademark and service mark and Hype Cycle is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!