Security Operations Teams (SOCs) today are under attack by the very mechanisms meant to help them. A recent industry study revealed a few startling facts: SOCs spend a third of their workday hunting down false positives. Even then, SOCs only get to half of the alerts they need to every day. Out of all the teams currently using automation, only half apply it to threat hunting and incident enrichment. And unsurprisingly, the vast majority (80%) say that manual processes are slowing them down. These stats lay out both the problem with and solution to alert fatigue today: too many alerts, too many…
This article has been indexed from Blog RSS Feed