Every security team has its own set of security tools, competencies, common use cases and compliance requirements. One of the few common threads that weaves across all these elements is the steps followed while responding to a security incident. Demisto sponsored a study of security professionals around the world to delve deeper into the challenges they faced across the incident response lifecycle, the tools they used and the capabilities they felt were missing in their tool stack.
Some interesting trends our report uncovered:
- Playbooks on the rise: More than 50% of respondents use either automated playbooks or a mixture of automated and manual playbooks to implement incident response processes.
- Product silos persist: Roughly 50% of respondents use six or more distinct security tools for incident response.
- It’s a team effort: Security teams must often work with IT teams (85%), NOC teams (53%) and DevOps teams (39%) for incident response.
- More than just IR: Security teams need to oversee vulnerability management (72%), compliance checks (61%) and cloud security (41%) apart from their day-to-day operations.
Download our report to learn more!