CardinalOps announced it has secured $17.5 million in Series A funding led by Viola Ventures, with participation from existing investors Battery Ventures, Glilot Capital, Symbol, and top angel investors from the security industry, bringing total capital raised to $24 million. This latest round will fuel aggressive global expansion in go-to-market and product innovation activities. The company is also announcing that industry veteran Phil Neray has joined the company from Microsoft as Chief Marketing Officer (CMO) and Vice President of Cyber Defense Strategy.

Danny Cohen, general partner at Viola Ventures, who is joining the CardinalOps Board of Directors said, "We have a 20-year track record of identifying outstanding teams and supporting them to unicorn status and beyond and we believe CardinalOps has all the right ingredients to become a global category leader in cybersecurity. Led by visionary founders, CardinalOps is helping organizations leverage analytics to scale and optimize their cyber defenses in the face of continuously-increasing sophistication of cyber adversaries worldwide."

Constant change in the threat landscape, combined with a massive increase in log data collected from diverse sources (endpoint, network, cloud, identity, etc.), are driving exponential growth in complexity for Security Operations Center (SOC) teams. In fact, according to Ponemon, more than 80 percent of security professionals rate the complexity of their SOC as very high, and less than 40 percent assess their SOC as highly effective.

The leading consequence of this complexity is the increased risk of a breach due to delays and backlogs in manually developing new detection rules and threat hunting queries for the latest adversary techniques. By delivering AI-powered recommendations in the native query language of widely used security analytics solutions (such as Splunk, Sentinel, IBM QRadar, CrowdStrike, etc.), the CardinalOps platform does the job of highly-skilled detection engineers with years of training and experience, which are currently in short supply. Derived from CardinalOps' proprietary knowledge graph of crowd-sourced, best practice detection rules and queries, all recommendations are mapped to standard MITRE ATT&CK threat models, customized according to the organization's risk-based priorities and infrastructure, and automatically deployed in order to rapidly eliminate gaps in threat coverage.

"With support from our investors, CardinalOps is entering its next phase of growth to achieve our vision of helping customers bring AI-based analytics and automation to the core security engineering functions that inevitably drive security infrastructure effectiveness and efficiency," said Michael Mumcuoglu, CEO and Co-Founder at CardinalOps. "We have already gained significant traction with our customers across key industries, including manufacturing, financial services, hospitality, media, transportation & logistics, law firms, and managed security services. With our latest investment, we are well-positioned to extend our leadership in global threat coverage optimization for widely-used but under-utlized security tools."

Having launched in early 2021, CardinalOps protects some of the world's largest and most complex organizations, including a Fortune 50 consumer products company; a top 10 U.S. law firm; a top 10 cable operator; and a leading MDR/MSSP. Strategic benefits include:

• Accelerating new cloud initiatives across diverse cloud platforms (AWS, Azure, GCP), each of which has its own security monitoring tools
• Reducing costs by identifying log sources that are ingested but not contributing to threat coverage
• Providing independent, board-level metrics to help CISOs answer the question "How prepared are we to detect the highest priority threats?"
  

"We built a cloud-based AI platform that delivers best practice recommendations in the native query language of these solutions, mapped to standard MITRE ATT&CK controls and customized according to each organization's risk-based priorities," said Michael Mumcuoglu. "Our platform is now deployed in production SOCs across key industries, such as manufacturing, financial services, hospitality, media, transportation & logistics, law firms, and managed security services.