BOSTON, April 16, 2025 (GLOBE NEWSWIRE) — Devo Technology, the security data analytics company, today unveiled the results of a new survey examining alert management in security operations centers (SOCs) and the growing need for a shift to an Alertless SOC. The Evolution Toward an Alertless SOC report found that the current alert-centric SOC architecture creates numerous pain points for analysts, including duplicated work.
Organizations reported that their analysts spend significant time manually gathering evidence from different tools, enriching data, and cross-checking data to understand if new alerts are connected to already-known incidents. More specifically, the survey found that:
- 83% of analysts are overwhelmed by alert volume, false positives, and lack of alert context.
- 85% of analysts spend substantial time gathering and connecting evidence to transform an alert into an actionable security case.
The alert-centric model also duplicates work, wasting analysts’ already limited time. A staggering 84% of organizations report that SOC analysts unknowingly investigate the same incidents several times a month or more. More specifically, 60% reported discovering duplicated investigations at least once per week.
Under-delivery from tools and a reactive approach hinder SOC efficiency
The study showed that analysts are more likely to take a reactive approach, working in response …