Security teams are still overwhelmed by alert overload
False positives are the number one challenge. Today's security systems generate too many alerts, making it difficult for teams to identify and respond to actual threats in a timely manner. Approximately a third of all cybersecurity alerts are determined to be false positives, so a large share of resources is wasted investigating problems that don’t actually exist. Analysts then spend 10 to 20 minutes investigating each incident they receive, and much of that time goes to downgrading alerts that were incorrectly marked as critical or otherwise misprioritized.
Most enterprises receive over 10,000 alerts per day
60% of banks can see up to 100,000 alerts per day
Over a quarter of security teams have to deal with more than 1 million alerts per day
Sources: Imperva research, McAfee, Critical Start research