Predictive analytics for detection and response

OpenText

November 5, 2019
3 minute read

Enterprise security professionals today can prevent many attacks on their organization’s endpoints, thanks to ever-improving defensive tools that work across public and private clouds as well as on premise. But would-be attackers are also continually working to step up their capabilities in the expanding IT landscape, so some attacks will inevitably slip through.

When that happens, IT teams must be ready to detect and respond – quickly and effectively. That’s not easy, though: security teams are often short on staff and skills, or overwhelmed by the sheer number of daily alerts.

We believe the answer lies with detection and response built on predictive analytics. Using advanced analytics and intelligence to automate responses can solve several of today’s biggest enterprise security problems all at once. And recent research backs that up.

Bringing predictive analytics into endpoint detection and response

Predictive analytics “will be critical to enterprise cyber-defense strategies,” notes an Enterprise Strategy Group white paper sponsored by OpenText. The paper adds that predictive analytics will help security analysts cope with high alert volumes and staffing/skills shortages, enabling teams to “better detect when bad actors are attempting to compromise the cyber infrastructure and to stop them.”

During a typical day, enterprise security analysts can see as many as one million alerts. Many of these are false positives, and at that scale it’s effectively impossible for humans to separate them from the genuine problems. The result: alert fatigue and a large number of alerts that are never responded to.

Predictive analytics can help by building forecasts based on past and current data about security activities and behaviors. Analyzing such data makes it possible to automatically recognize – in real or near-real-time – the signs of actual threats as opposed to false positives. Armed with this knowledge, human analysts can focus on the alerts that need attention most.

Many organizations already reap the benefits of predictive analytics in applications like weather forecasting and financial fraud detection. With cyberattacks becoming ever more sophisticated, it makes sense for security teams to take advantage of those capabilities as well.

Beyond making it easier to detect and identify threats, predictive analytics can also automate many response activities: automatically isolating affected systems, for example, or banning problematic processes. This helps security teams handle triage, investigation and remediation more quickly and effectively, so security operations centers can do more with the same resources, saving time and effort while also reducing the risk of damaging attacks.
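To make the flow described in the last few paragraphs concrete (learn from past, analyst-labelled alerts; score new alerts by how likely they are to be genuine; gate automated response on that score), here is a small, added example written for this page. It is not OpenText code and does not reflect any OpenText product. It uses a naive Bayes model over three categorical alert features, trained on a constructed history of ten alerts, and then routes new alerts into three tiers: auto-contain, analyst queue, or auto-close. The rule names, feature names, thresholds and host names are all assumptions chosen for illustration, and the "isolate host" action is a returned string rather than a real EDR call.

```python
from __future__ import annotations

from collections import Counter

# Categorical features an EDR might attach to an alert (assumed for this example).
FEATURES = ("rule", "signed", "off_hours")

# Constructed history: (alert features, analyst verdict). True = confirmed incident.
HISTORY = [
    ({"rule": "lsass_access", "signed": False, "off_hours": True}, True),
    ({"rule": "lsass_access", "signed": False, "off_hours": False}, True),
    ({"rule": "lsass_access", "signed": True, "off_hours": False}, False),
    ({"rule": "macro_spawn", "signed": False, "off_hours": True}, True),
    ({"rule": "macro_spawn", "signed": True, "off_hours": False}, False),
    ({"rule": "macro_spawn", "signed": True, "off_hours": False}, False),
    ({"rule": "usb_insert", "signed": True, "off_hours": False}, False),
    ({"rule": "usb_insert", "signed": True, "off_hours": False}, False),
    ({"rule": "usb_insert", "signed": True, "off_hours": True}, False),
    ({"rule": "usb_insert", "signed": False, "off_hours": False}, False),
]


class AlertScorer:
    """Naive Bayes over categorical alert features with Laplace smoothing.

    The model learns, from past verdicts, how often each feature value appeared
    in true positives versus false positives, and combines that into a
    posterior probability that a new alert is genuine.
    """

    def __init__(self, alpha: float = 1.0) -> None:
        self.alpha = alpha                       # Laplace smoothing constant
        self.class_counts: Counter = Counter()   # label -> number of alerts
        self.value_counts = {f: {True: Counter(), False: Counter()} for f in FEATURES}
        self.values = {f: set() for f in FEATURES}  # distinct values seen per feature

    def fit(self, history) -> "AlertScorer":
        for features, is_true_positive in history:
            self.class_counts[is_true_positive] += 1
            for f in FEATURES:
                self.value_counts[f][is_true_positive][features[f]] += 1
                self.values[f].add(features[f])
        return self

    def _likelihood(self, feature: str, value, label: bool) -> float:
        # Smoothed P(value | label). A value never seen in training still gets
        # a small non-zero probability instead of zeroing the whole product.
        n = self.class_counts[label]
        k = len(self.values[feature])
        return (self.value_counts[feature][label][value] + self.alpha) / (n + self.alpha * k)

    def score(self, alert: dict) -> float:
        """Return P(true positive | alert features) in [0, 1]."""
        total = sum(self.class_counts.values())
        joint = {}
        for label in (True, False):
            p = self.class_counts[label] / total   # class prior
            for f in FEATURES:
                p *= self._likelihood(f, alert[f], label)
            joint[label] = p
        return joint[True] / (joint[True] + joint[False])


# Response tiers (assumed thresholds; tune against your own false-positive tolerance).
CONTAIN_THRESHOLD = 0.8   # confident enough to isolate the host automatically
REVIEW_THRESHOLD = 0.2    # worth a human look; below this, auto-close


def triage(scorer: AlertScorer, alert: dict, host: str) -> tuple[float, str]:
    """Score one alert and pick the response tier. Actions are simulated strings."""
    p = scorer.score(alert)
    if p >= CONTAIN_THRESHOLD:
        action = f"isolate host {host}"
    elif p >= REVIEW_THRESHOLD:
        action = "queue for analyst"
    else:
        action = "auto-close"
    return round(p, 2), action


SCORER = AlertScorer().fit(HISTORY)

# Constructed new alerts to triage.
NEW_ALERTS = {
    "ws-017": {"rule": "lsass_access", "signed": False, "off_hours": True},
    "ws-042": {"rule": "usb_insert", "signed": True, "off_hours": False},
    "ws-088": {"rule": "macro_spawn", "signed": True, "off_hours": True},
}

if __name__ == "__main__":
    for host, alert in NEW_ALERTS.items():
        print(host, triage(SCORER, alert, host))
```

The middle tier is the important design choice: the model shrinks the queue a human has to look at, but anything it is unsure about still reaches an analyst rather than being silently closed or automatically contained. In practice the thresholds would be set from the measured precision of the model on a held-out set of labelled alerts, and the automated containment step would be logged and reversible.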

Predictive analytics EDR at Enfuse

OpenText experts will be talking a lot more about predictive analytics and other advanced technologies, such as machine learning and artificial intelligence, at our Enfuse conference in Las Vegas from November 11–14. Among the more than 100 sessions scheduled for the event are presentations like “How AI, Machine Learning & Analytics are Changing Security Visibility, Detection and Response,” and “Security Analytics – Advanced Detection Center and Threat Hunting.”

Enfuse offers great learning, networking and certification opportunities for professionals who work in digital investigations, cybersecurity, e-discovery, privacy and more – so I really encourage you to attend.

Learn more

Meanwhile, if you’d like to learn more about using predictive analytics for cybersecurity detection and response, be sure to download the Enterprise Strategy Group white paper. It offers valuable insights into the security benefits of predictive analytics, as well as what to look for in a potential solution. It’s a must-read for anyone who’s looking to navigate today’s fast-changing and ever-more-complex threat landscape.
