Research Report: The Impact of Security Alert Overload | Critical Start
Learn real world attack and defense strategies with Adversarial Emulation and Active Defense training from TEAMARES
TEAMARES launches Breach Attack as a Service for quick testing whenever your environment changes.
Webinar Series | Once More unto the Breach | Lessons Learned from Billion Dollar Breaches

Research Report: The Impact of Security Alert Overload

CRITICALSTART conducted a survey of more than 50 Security Operations Center (SOC) professionals across enterprises, Managed Security Services Providers (MSSP) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs. The survey was fielded Q2 2019.

The report and analysis are based on the responses received from this sample with comparisons drawn to the same questions asked in the company’s 2018 report.

This year’s report revealed that SOC analysts continue to face an overwhelming number of alerts each day that are taking longer to investigate, resulting in many SOC analysts believing their primary job responsibility is to “reduce the time it takes to investigate alerts.”

To cope with the onslaught of alerts, managed security providers simply try to hire more analysts or direct existing ones to ignore certain types of alerts and turn off key features that generate too many alerts – negatively impacting business models and leaving enterprises more susceptible to attacks. The most striking finding is the direct toll the alert overload problem is having on SOC analyst retention.


Contact an MDR Specialist Today

Get in Touch
Path 11 Copy 2 Created with Sketch.
Path 11 Copy 3 Created with Sketch.

Related Content