Gartner Emerging Tech Report: AI for TDIR Use Cases

Gartner Logo

Top Use Cases for AI in Threat Detection, Investigation and Response

If the secure and strategic application of AI into SecOps is a priority for 2024 this Gartner Emerging Tech report is a must-read. Get a behind the scenes look at what Gartner urges security vendors to consider when adding AI capabilities to their roadmap. Learn the inherent risks you must pressure vendors to address and the most realistic use cases for improved detection fidelity, faster response times and analyst productivity.

+ Read more

Glimpse inside: Key Findings from Gartner®


  • More than 50% of interviewed security providers claim to already be using supervised machine learning (ML)-based AI to enhance their threat detection capabilities.
  • Over 80% of security providers are actively developing, or have plans to integrate, large language models (LLMs) into their security platforms.
  • Although adoption and use of AI technologies are widespread and growing, security providers are doing so with caution due to concerns about client data exposure, the correctness of AI content and the potential risk of negative impact on remediation actions.
  • The use of AI by malicious parties is accelerating the evolution of their attack capabilities and compelling security product leaders to adopt and implement AI technologies more quickly to respond with improved threat detection, investigation and response (TDIR) solutions.




Gartner, Emerging Tech: Top Use Cases for AI in Threat Detection, Investigation and Response, Travis Lee, Matt Milone, and 2 more, 27 October 2023. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.