Cluttered Tools Lead to Unnecessary Complexity
You Need Threat Detection Tools with the ability to automate cyber threat-hunting. However, too many independent tools can result in tool-clutter that that can also impair integration and automation. The goal should be to minimize the number of tools and only choose those with maximum impact:
• Threat detection tools need to be constantly updated for evolving hacker hacker tactics and techniques. There is a risk of being behind-the-curve with a lack of Automation.
• Incident response generation needs to be automated in order to avoid time-consuming expert triage. The manual plotting of an incident response is subject to human error and can be time consuming in an environment where timeliness is a risk issue. This risk can be reduced with Automation.