https://www.algosec.com/blog/finding-that-one-in-a-million-addressing-security-alert-overload-by-applying-business-context/
FINDING THAT ONE IN A MILLION: ADDRESSING SECURITY ALERT OVERLOAD BY APPLYING BUSINESS CONTEXT
How many security alerts does a security operations center (SOC) have to deal with during an average day? New research from Imperva claims that 27% of IT professionals reported receiving more than 1 million alerts a day, and 55% received more than 10,000 a day – or nearly 7 per minute! To try to address this deluge, 10% of respondents said that they are hiring additional SOC engineers to assist with processing these alerts, while 57% said that they are adjusting their policies to reduce alert volume.

However, even when SOC teams take steps to address or reduce the volume of alerts, the report found that they still face challenges in managing them. 53% noted that their organization's SOC struggles to pinpoint which security incidents are critical and need attention, versus those that are irrelevant or false positives. So, it's no surprise that 30% of respondents admitted to simply ignoring certain categories of alerts. Worryingly, 4% said they turned off their alert notifications altogether, and more than half of the respondents (54%) experienced significant stress and expressed frustration with their jobs.