Predictive analytics for detection and response

OpenText

November 5, 2019 3 minutes read

Enterprise security professionals today can prevent many attacks on their organization’s endpoints, thanks to ever-improving defensive tools that work across public and private clouds as well as on premises. But would-be attackers are also continually working to step up their capabilities in the expanding IT landscape, so some attacks will inevitably slip through.

When that happens, IT teams must be ready to detect and respond – quickly and effectively. That’s not easy, though: security teams are often short on staff and skills, or overwhelmed by the sheer number of daily alerts.

We believe the answer lies with detection and response built on predictive analytics. Using advanced analytics and intelligence to automate responses can solve several of today’s biggest enterprise security problems all at once. And recent research backs that up.

Bringing predictive analytics into endpoint detection and response

Predictive analytics “will be critical to enterprise cyber-defense strategies,” notes an Enterprise Strategy Group white paper sponsored by OpenText. The paper adds that predictive analytics will help security analysts cope with high alert volumes and staffing/skills shortages, enabling teams to “better detect when bad actors are attempting to compromise the cyber infrastructure and to stop them.”

During a typical day, enterprise security analysts can see as many as one million alerts. Many of these are false positives, and at that scale it’s effectively impossible for humans to separate them from the genuine problems. The result: alert fatigue and a lot of alerts that aren’t responded to.

Predictive analytics can help by building forecasts based on past and current data about security activities and behaviors. Analyzing such data makes it possible to automatically recognize – in real time or near real time – the signs of actual threats as opposed to false positives. Armed with this knowledge, human analysts can focus on the alerts that most need attention.

Many organizations already reap the benefits of predictive analytics in applications like weather forecasting and financial fraud detection. With cyberattacks becoming ever more sophisticated, it makes sense for security teams to take advantage of those capabilities as well.

Beyond making it easier to detect and identify threats, predictive analytics can also automate many response activities: automatically isolating affected systems, for example, or banning problematic processes. This helps security teams handle triage, investigation and remediation efforts more quickly and effectively, meaning security operations centers can do more with the same resources, saving time and effort while also reducing the risks of damaging attacks.

Predictive analytics EDR at Enfuse

OpenText experts will be talking a lot more about predictive analytics and other advanced technologies, such as machine learning and artificial intelligence, at our Enfuse conference in Las Vegas from November 11–14. Among the more than 100 sessions scheduled for the event are presentations like “How AI, Machine Learning & Analytics are Changing Security Visibility, Detection and Response,” and “Security Analytics – Advanced Detection Center and Threat Hunting.”

Enfuse offers great learning, networking and certification opportunities for professionals who work in digital investigations, cybersecurity, e-discovery, privacy and more – so I really encourage you to attend.

Learn more

Meanwhile, if you’d like to learn more about using predictive analytics for cybersecurity detection and response, be sure to download the Enterprise Strategy Group white paper. It offers valuable insights into the security benefits of predictive analytics, as well as what to look for in a potential solution. It’s a must-read for anyone who’s looking to navigate today’s fast-changing and ever-more-complex threat landscape.
