Enterprise IT security professionals believe that human expertise will always play a key role in detecting and stopping security threats.

That’s just one of the findings from a survey we conducted of security analysts, CISOs, infosecurity experts, and security engineers at this year’s RSA global information security conference in San Francisco in April. The US RSA conference, being one of the largest gatherings of security experts in the world, provides an excellent occasion for sampling the views of IT security professionals about the state of their art.

And what did IT security professionals tell us?

  • They’re overwhelmed with security alerts. 78 percent of respondents reported alert fatigue. This shouldn’t be surprising: the threat landscape is getting much worse. The typical SecOps team is facing a 40% year-over-year increase in advanced persistent threats and data breaches. Alerts—both real and false—are going through the roof.
  • The security automation they have isn’t working. 66 percent of those with dedicated threat hunting teams are not benefiting from the security automation they have.
  • The best possible approach to threat hunting combines security automation with human analysis. Just because the automation systems they have now aren’t working doesn’t mean that security teams don’t recognize the value of security automation. They consider it critical for effective security. But 79 percent believe it should be combined with human expertise to be effective.
  • Automation will never replace human expertise. 93 percent told us it’s essential for SecOps to include a traditional human element.

Empowering SecOps teams with effective threat hunting tools is critical. The average data breach goes 206 days before being detected. That’s 206 days for an attack to spread through a network, infect multiple systems, and possibly exfiltrate critical data such as customer records, financial data, intellectual property, and login credentials.

Intelligent Automation that Combines Human Expertise with Advanced Analytics

Enterprises need a faster, more efficient way to analyze alerts and engage in proactive threat hunting.

That’s what we’re offering with our LogicHub platform.

The LogicHub Intelligent Security Automation platform automates threat hunting techniques like scoring, clustering, correlation, and mapping—in effect creating a digital map of a security analyst’s mind. The heart of the platform is the Threat Ranking Engine, which uses context—including context provided by security analysts—to enrich threat data. Using this enriched data, the platform reduces billions of security events through scoring and classification to triage all threats for rapid resolution, dramatically lowering both false negative and false positive rates.

In line with the RSA survey responses, the LogicHub platform also provides an intuitive feedback mechanism that enables security analysts to apply their expertise to refine the platform’s performance. Unique in the security market, the LogicHub platform gives SecOps teams the best of both worlds: human expertise along with the power of cognitive automation.

The results address the major concerns raised in the survey.

  • Reducing alerts. SecOps teams are overwhelmed with security alerts, but by applying advanced machine learning techniques, the platform is able to reduce false positive alerts by 95%.
  • Leveraging powerful automation. SecOps teams report that existing automation solutions—which often include security orchestration systems that automate routine tasks but fail to address threat hunting—aren’t working. But the LogicHub automates much of the more time-intensive
  • Applying and multiplying the effects of human expertise. With its feedback loop, the LogicHub platform enables SecOps teams to take better advantage of human expertise, rather than discarding it.
  • Accelerating threat detection so that SecOps automation and efforts overall are more effective. By capturing and automating the security analyst expertise about an organization's context and processes, LogicHub shrinks threat detection times 10X. In addition, by reducing time-consuming threat investigations, the platform frees analysts to engage in more proactive threat hunting, enabling them to detect and stop threats before they cause major damage.
