ESG Reviews the Respond Analyst

by Dan Lamorena
category Security Operations Software
tags ESG, respond analyst

Given the growing volume of data and number of tools, organizations are finding it difficult to hire the people they need to manage their security operations environment. A recent Enterprise Strategy Group (ESG) survey finds that 71% of organizations are planning to deploy or are deploying machine learning technologies for cybersecurity operations and analytics. We launched the Respond Analyst to meet this very need.

The analysts at ESG recently published a new technical review of the Respond Analyst. It’s available here.  

In his review, ESG Senior Analyst Jack Poller notes that more than three-quarters of ESG research respondents (77%) use 10 or more security analytics and operations tools. These organizations say that two of their top challenges are monitoring security across a growing attack surface (27%) and keeping up with the volume of security alerts (23%).  

ESG’s technical reviews are conducted by industry experts and follow the path that most technology buyers go through, including product overviews, demos and then deeper dives into the product, so they can do a proper evaluation. ESG also examines the core functionality of the product and spends time going through the GUI, explaining how a Tier 2 or Tier 3 analyst may use the product to investigate and respond to scoped security incidents.   

ESG’s goal was to see if the Respond Analyst could function as a virtual security analyst and augment human analysts for less-experienced and understaffed organizations. They evaluated the Respond Analyst’s automated decision models to confirm they could analyze cybersecurity telemetry events and alerts, organizational contextual information, and common TTPs, and reduce those millions of events into a few real security incidents.

Poller writes, “an increase in the number of tools utilized increases security operations and analytics complexity and requires an increase in personnel.” Poller also noted, “the Respond Analyst uses multiple machine learning models to analyze millions of cybersecurity telemetry events and alerts in real time. Using Robotic Decision Automation, the Respond Analyst behaves as a virtual analyst, and has the potential to replace or augment human analysts.”

So, how did we do? To see the full review and get ESG’s take, download “Respond Analyst: The Virtual Security Analyst.”