Three-quarters of security analysts fear missing alerts
The research, which surveyed 300 IT security managers and security analysts in the US, also shows that nearly half of the alerts security analysts receive are false positives, and almost a third get ignored.
"Security analysts are being overwhelmed by a flood of false positive alerts from disparate solutions while growing increasingly concerned they may miss a true threat," says Chris Triolo, vice president of customer success at FireEye. "To solve these challenges, analysts are asking for advanced automation tools, like Extended Detection and Response, which can help reduce the fear of missing incidents while strengthening their SOC's cybersecurity posture."
In addition, fewer than half of enterprise security teams are currently using tools to automate their SOC activities. Only 43 percent use artificial intelligence and machine learning technologies. Security Orchestration, Automation and Response (SOAR) tools are used by 46 percent, Security Information and Event Management (SIEM) software by 45 percent, and threat hunting by 45 percent. Just two in five analysts use artificial intelligence and machine learning technologies alongside other tools.
When asked to rank the activities that are best suited to automation, threat detection was the highest (18 percent) on the analysts' wish list, followed by threat intelligence (13 percent) and incident triage (nine percent).
You can find out more, download the full report and sign up for a free webinar on the FireEye blog.