Hackers and criminal syndicates are attacking enterprises with increasingly stealthy and sophisticated techniques. In response, companies are deploying a new generation of firewalls, IDS appliances, and Security Information and Event Monitoring (SIEM) servers to detect suspicious activity as quickly as possible. Two problems are undermining these recent investments in IT security. First, SIEM systems -- even new ones -- are generating too many false positive alerts, making it difficult for analysts to detect and mitigate real threats quickly. Second, the hype around applying Artificial Intelligence (AI) to threat detection, when not implemented carefully, is generating even more false positives and…