2023 RSA Conference Survey Report

SIEM Data Analytics Challenges Facing the SOC

Gurucul conducted a survey of more than 230 security professionals at the 2023 RSA Conference to better understand the challenges SIEM users face around data ingestion, security analytics, threat detection and response.

Highlights:

• Daily security alert totals are staggering with nearly 20% claiming there are simply too many to count. Equally disturbing is the fact that 23.18% claim to get more than 1,000 security alerts a day, 14.16% get more than 10,000, and 4.29% get more than 100,000
• Over 42% of our survey respondents claim it takes weeks, months or longer to add new data sources to their SIEM. And only 23.6% of respondents use automated data mapping to add new sources.
• Nearly 17% are NOT confident that their SIEM can detect unknown threats, and close to 21% don’t know. Only 20% are very confident in their SIEM’s ability.
• Close to 32% take days to build customized SIEM playbooks and workflows. However, 39.48% can build custom playbooks/workflows in minutes to hours.

Download the full report to learn more.