Poor SIEM configuration puts enterprises at risk

Enterprises invest billions annually on SIEM (Security Information and Event Management) software and expect this investment to result in comprehensive threat coverage. But a new report from AI-powered threat coverage platform CardinalOps shows that on average SIEM deployment rules miss 84 percent of the techniques listed in MITRE ATT&CK. Add in the fact that multiple rules may be required to fully cover a particular attack technique and the actual MITRE coverage of the average SIEM deployment is likely to be even worse. The research data shows that an average of 25 percent of SIEM rules are broken and will never… [Continue Reading]