Objective
Identify threats faster by improving MTTI (Mean Time To Identify)
Solution
To date, Salem has investigated alerts from this client's endpoint detection and response (EDR) tool. The client team, including their MSSP, already actively reviewed most alerts from this environment, but wanted to get better. Salem is part of a greater vision of leveraging automation to reduce MTTI by having AI automation look at all alerts but only immediately escalating the critical ones.
Impact
Salem analyzed alerts from 65,000 endpoints and achieved the following:
3 min
average mean-time-to respond, a decrease from 48 minutes
8%
of threat escalations from Salem are for low-severity alerts
2-4
average number of alerts Salem escalates per week
In the past, we have had to balance seeing more alert use cases with alert fatigue. Salem's automation helps us manage that balance.
Head of Incident Response at a Fortune 100 Enterprise
