This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
A recent Network World article argued that automated threat detection (TD) is more important than automated incident response (IR). But the piece was predicated on flawed and misguided information.
The article shared an example of a financial institution in which analysts investigated 750 alerts per month only to find two verified threats. The piece claimed that, in this scenario, automated IR could only be applied to the two verified threat instances, therefore making automated threat detection upstream a more important capability by “orders of magnitude.”