Why cyber tools fail SOC teams

A recent Vectra AI report highlights a growing distrust of threat detection tools. 47% of respondents note they do not trust their tools to work the way they need them to. Moreover, 60% of SOC practitioners say security vendors flood them with pointless alerts to avoid responsibility for a breach.

In this Help Net Security video, Mark Wojtasiak, VP of Research and Strategy at Vectra AI, discusses where vendors and tools aren’t owning accountability and how SOCs are shifting strategies to improve their attack signal.

Key findings:

• 54% say the tools they work with increase the SOC workload instead of reducing it.
• 50% of SOC practitioners say their security tools are more of a hindrance than a help when it comes to spotting actual attacks
• 60% of SOC practitioners say many security tools are bought as a “box ticking” exercise for compliance.
• 71% of SOC practitioners say vendors must take more responsibility for failing to stop a breach.
• SOC teams receive an average of 3,832 daily alerts, 62% ignored.
• 85% of SOC practitioners say their level of investment and use of AI has increased in the last year
• 67% note that AI has positively impacted their ability to identify and deal with threats.
• 89% of SOC practitioners will use more AI-powered tools over the next year to replace legacy threat detection and response.