Skip to main content

Almost all SOCs now deploy AI to detect attacks

(Image credit: Image Credit: Razum / Shutterstock)

With cyberattacks growing in complexity and scale, most Security Operations Centers (SOCs) around the world have turned to artificial intelligence (AI) and machine learning (ML) technologies.

This is according to a new report from Micro Focus, which states that 93 percent of respondents now use AI and ML to improve advanced threat detection. Further, the vast majority expect to start using Security Orchestration and Automated Response (SOAR) tools within the next year, if not sooner.

According to the report, as SOCs continue to mature, they will deploy next-gen tools “at an unprecedented rate”.

“The odds are stacked against today’s SOCs: more data, more sophisticated attacks, and larger surface areas to monitor. However, when properly implemented, AI technologies such as unsupervised machine learning, are helping to fuel next-generation security operations, as evidenced by this year’s report,” said Stephan Jou, CTO Interset at Micro Focus.

The majority of respondents (90 per cent) rely on the MITRE ATT&K framework to understand various attacking techniques, because knowledge of adversary tactics is crucial for detecting advanced threats.

In order to safeguard their organization from threats, SecOps teams are also now juggling a multitude of tools. According to Micro Focus, organizations widely use 11 common types of security operations tools, and each one is expected to exceed 80 percent adoption next year.