NDR, EDR, NGFW, SIEM, all these tools have at least one thing in common: alerts. There is nothing new about tools generating alerts—warning that something needs attention. Another common thread is that those alerts tend to be low fidelity and high volume, leaving a wide range of issues each competing for an analyst's attention.
Analysts encounter frustrating situations where decisive action is needed to ensure the continuity and stability of business operations, but the set of critical alerts is lost in the noise. The result is alert fatigue and low priority issues being addressed while critical issues can slip through the cracks. This culminates in cyber attacks going undetected or uninvestigated for weeks or months. ...read more!
