CardinalOps, a threat coverage optimization company, announced it has secured $17.5 million in Series A funding led by Viola Ventures, with participation from existing investors Battery Ventures, Glilot Capital, Symbol, and top angel investors from the security industry, bringing total capital raised to $24 million.
This latest round will fuel aggressive global expansion in go-to-market and product innovation activities. The company is also announcing that industry veteran Phil Neray has joined the company from Microsoft as Chief Marketing Officer (CMO) and Vice President of Cyber Defense Strategy.
Danny Cohen, general partner at Viola Ventures, who is joining the CardinalOps Board of Directors, said, “We have a 20-year track record of identifying outstanding teams and supporting them to unicorn status and beyond and we believe CardinalOps has all the right ingredients to become a global category leader in cybersecurity. Led by visionary founders, CardinalOps is helping organizations leverage analytics to scale and optimize their cyber defenses in the face of continuously-increasing sophistication of cyber adversaries worldwide.”
Constant change in the threat landscape, combined with a massive increase in log data collected from diverse sources (endpoint, network, cloud, identity, etc.), is driving exponential growth in complexity for security operations center (SOC) teams. In fact, according to Ponemon, more than 80 percent of security professionals rate the complexity of their SOC as very high, and less than 40 percent assess their SOC as highly effective.
The leading consequence of this complexity is exposure to missed threat detections leading to theft of sensitive information, operational downtime, and reputational damage. CardinalOps’ platform addresses this challenge by delivering AI-powered recommendations for a broad range of security analytics solutions (Splunk, Sentinel, IBM QRadar, CrowdStrike, etc.) to eliminate risky gaps in threat coverage.
Recommendations are based on the company’s graph knowledge base of crowd-sourced, best practice detection rules, mapped to the standard MITRE ATT&CK framework and customized according to the organization’s unique priorities and infrastructure.
“With support from our investors, CardinalOps is entering its next phase of growth to achieve our vision of helping customers bring AI-based analytics and automation to the core security engineering functions that inevitably drive security infrastructure effectiveness and efficiency,” said Michael Mumcuoglu, CEO and co-founder at CardinalOps. “We have already gained significant traction with our customers across key industries, including manufacturing, financial services, hospitality, media, transportation & logistics, law firms, and managed security services. With our latest investment, we are well-positioned to extend our leadership in global threat coverage optimization for widely-used but under-utilized security tools.”
Having launched in early 2021, CardinalOps protects some of the world’s largest and most complex organizations, including a Fortune 50 consumer products company; a top 10 U.S. law firm; a top 10 cable operator; and a leading MDR/MSSP. Strategic benefits include:
- Accelerating cloud initiatives across diverse cloud platforms (AWS, Azure, GCP), each of which has its own security monitoring tools
- Rapidly updating detections to address new ransomware and APT tactics and new vulnerabilities (Log4j, etc.), and operationalizing new log sources (new EDR platforms, CIEM/CSPM, BAS, etc.)
- Scaling effectiveness of detection engineering teams in the face of staffing challenges, leveraging automation to replace manual development of detection rules and use cases
- Reducing costs by identifying log sources that are ingested but not contributing to threat coverage
- Providing independent, board-level metrics to help CISOs answer the question “How prepared are we to detect the highest priority threats?”
Mumcuoglu added, “Channel partners, such as MSSPs/MDRs, play a key role in our global expansion plans. They’re looking to scale their businesses while supporting multiple SIEM/XDR solutions like Splunk, Microsoft Sentinel, IBM QRadar, and CrowdStrike with limited staff.
“Organizations aren’t getting the value they expect because configuring these solutions is still a largely manual, ad-hoc and error-prone process, which leads to risky gaps in threat coverage and unnecessary costs from more and more log sources being ingested without actually contributing to detecting threats,” he continued. “So, we’re seeing market traction from MSSPs/MDRs and other cybersecurity solution providers looking to optimize their customers’ SIEM/XDR deployments with automated, AI-driven recommendations from our cloud-based platform.”
The Series A funding will be used to expand CardinalOps’ go-to-market activities so that it can increase the number of partners the company supports.
“It will also be used to expand our product development and security research teams so we can continue to innovate in helping customers enhance their cyber defenses,” Mumcuoglu said.