Israeli artificial intelligence-powered security engineering startup CardinalOps Ltd. revealed today that it has raised $17.5 million in new funding to fuel global expansion in go-to-market and product innovation activities.

Viola Ventures led the Series A round with Battery Ventures, Glilot Capital, Symbol and top angel investors from the security industry also participating. Including the new funding, CardinalOps has raised $24 million to date.

Founded in 2020, CardinalOps offers an AI-powered platform that continuously recommends best practice detection rules for existing security information and event management. These are mapped to MITRE ATT&CK threat models and customized according to an organization’s priorities and log source.

CardinalOps pitches itself as enabling security operations center engineering teams to stay ahead of constant change in the threat landscape and organizational requirements. By continuously updating missing detections in existing security information and event management as well as extended detection and response deployments, the company claims that its platform enables organizations to close the riskiest threat coverage gaps that leave them exposed.

The company says the constant change in the threat landscape, combined with a massive increase in log data collected from diverse sources, such as endpoint, network, cloud and identity, are driving exponential growth in complexity for SOC teams. According to a survey, more than 80% of security professionals rate the complexity of their SOC as very high, and fewer than 40% assess their SOC as highly effective.

As such, the consequence of this complexity is the increased risk of a breach because of delays and backlogs in manually developing new detection rules and threat hunting queries for the latest adversary techniques. The platform delivers AI-powered recommendations in the native query language of security analytics solutions such as Splunk, Sentinel, IBM QRadar and CrowdStrike. CardinalOps’ platform is claimed to do the job of highly skilled detection engineers with years of training and experience, which are currently in short supply.

Having launched in early 2021, CardinalOps customers now include a Fortune 50 consumer products company, a top 10 U.S. law firm, a top 10 cable operator and a leading provider of managed detection and response and managed security services.

“We have already gained significant traction with our customers across key industries, including manufacturing, financial services, hospitality, media, transportation and logistics, law firms and managed security services,” Michael Mumcuoglu, co-founder and chief executive officer of CardinalOps, said in a statement. “With our latest investment, we are well-positioned to extend our leadership in global threat coverage optimization for widely used but underutilized security tools.”

Along with the funding announcement, CardinalOps also announced that Phil Neray, previously director of “internet of things” and industrial cybersecurity and director of product marketing at Microsoft Corp., has joined the company as chief marketing officer and vice president of cyber defense strategy.

Image: CardinalOps