Security operations (SecOps) can be an exhausting and often thankless job. Exploding cloud footprints and the work-from-home reality have significantly increased the SecOps workload. A recent survey of security experts found that 86% of respondents are concerned about burnout and high levels of stress among security teams due to the daily volume of alerts. Among the technologies that have the potential to ease this burden: automation.
While some security teams have implemented a small degree of automation, the priority is almost always a short-term fix — how can we eliminate a security threat or breach as quickly as possible? As a result, there’s no learning loop or process in place to teach machines post-mortem so they can do most of the hard work next time.