Panther Labs, provider of a cloud-native SIEM that solves the challenges of security operations at scale, has released the findings from its new “State of Threat Detection and Response” report.
The company surveyed 400 active security practitioners, primarily security analysts and security engineers, to reflect the “boots on the ground” perspective for security teams. The goal of the research was to better understand how effective their current tools and processes are, improvements they recommend making going forward, the challenges they face, and projections for the future.
Latest Computing News: Voltron Data and DataStax Partner to Accelerate the Business Impact of Real-Time Data
“Threat detection and response at modern scale is challenging, no matter how large or experienced your team is,” said Jack Naglieri, CEO and founder of Panther Labs. “The answers provided by our respondents confirm what many security practitioners experience firsthand every day: commercial tools are often not living up to their expectations, but security teams also struggle to build their own internal tooling that can perform as needed.”
Latest Computing News: New Survey from CSA and Google Finds Cloud Adoption Improves Risk Management
Key Findings:
- The biggest challenge is efficiency. Most respondents say efficiency issues, like time wasted on false positives and a lack of efficient processes, are their biggest challenges today.
- Automation would make them more effective. They believe that automating manual tasks would have the greatest impact on making security operations more efficient.
- Over the last 12 months, 48% have seen a 3x increase in the number of alerts per day. This is an alarming growth rate and, for teams already stretched thin, this rate of increase exacerbates an already problematic situation.
- Over 50% find that at least half of alerts are false positives. Managing a high volume of false positives is contributing to alert fatigue and impacting security teams’ ability to focus on more high-value tasks.
- Fifty-five percent have built their own detection and response tool, but less than half found it to be highly effective. The need to build their own tools likely stems from dissatisfaction with the tools available, so they’re taking on the momentous task of building their own when no commercial offerings can do the job.
Latest Security News: Introducing Meshnet – NordVPN’s New Feature Allows Users to Create Their Own VPN Server in Seconds
[To share your insights with us, please write to sghosh@martechseries.com]
