As attacks have grown in complexity, the need for defenders to employ effective automation has also increased, and cybersecurity teams have sought to respond accordingly by investing in tools that help eliminate the manual work associated with incident detection, analysis, and response.
www.AmericanSecurityToday.com July 2019 - Edition 46
Automated Threat Detection Tools
There has been a significant increase in security tools that have incorporated automation to try to identify attacks.
Many of these use various levels of artificial intelligence to pattern match or attempt to detect anomalous behavior.
This capability can be useful in accelerating detection, but many security teams find this approach challenging because it requires a baseline, time to tune, and ongoing refinement.
Throughout this process, the number of false positives generated can negate much of the operational efficiency gained.
Alternatively, security teams have realized efficiency gains in the use of machine learning for automating the deployment of security solutions.
An example of this is deception technology, where the solution self-learns the environment and then automatically proposes the decoy configurations and credentials so that the deceptions match production assets and users.
This automatic configuration both saves deployment time and eliminates mistakes during customization.
Augmenting Detection Tools