In every SOC environment, there are two key metrics that demonstrate efficiency and effectiveness: Mean Time to Detection (MTTD) and Mean Time to Remediation (MTTR). The risk and exposure from any cyber threat can be reduced significantly by improving these metrics. Stellar Cyber recently completed a study with its MSP and MSSP partners to determine how much our Open XDR platform improves these two metrics.
MTTD – Partners reported that Machine Learning (ML) in our platform delivers an 8X reduction in detection times. Most notably, they reported that the machine learning in Open XDR cuts across multiple threat vectors to provide a clear, concise, correlated event. SOC analysts using SIEMs spend a significant amount of time determining whether alerts are false positives, and whether individual alerts are related to others – since they must manually correlate them in their research. Stellar Cyber users take advantage of ML, and no longer need to write and maintain complex rules.
MTTR – The study also showed that automation provides a 20X improvement in partners’ response time to events. Many of the events analysts manage on a daily basis are repetitive tasks, so automating those tasks provides a significant reduction in MTTR. Leveraging Open XDR, our partners create threat hunting rules to automate both detection and response. Another benefit that Stellar Cyber partners emphasized is that integrated threat intelligence significantly simplifies their decision and response procedures: when the key data is included in the event, they can respond without having to log into multiple consoles. This also frees up their time to deal with the most critical alerts.
Two additional benefits noted in the study are improved morale in the SOC and improved ROI for our partners. SOC analysts have a tough job, and utilizing automation makes their time more effective and drives higher morale. Owners and CEOs of Stellar Cyber partners also note that improvements in MTTD and MTTR drive improved ROI compared with their previous solutions.
To sum up the results of the study: when comparing the benefits of using a SIEM and an Open XDR platform, Open XDR delivers enhanced security through faster detection and response times, higher security analyst job satisfaction, and an improved bottom line for our partners. Check out an Open XDR platform for yourself!
The post XDR Delivers Significant Performance Improvement over SIEM appeared first on Cybersecurity Insiders.
May 24, 2021 at 06:21PM