CardinalOps 2022 Report on the State of SIEM Detection Risk analyzed aggregated and anonymized data from production security information and event management (SIEM) instances to understand security operations center (SOC) preparedness to detect the latest adversary techniques in MITRE ATT&CK, the industry-standard catalog of common adversary behaviors based on real-world observations.