target audience: TECH SUPPLIER Publication date: Aug 2023 - Document type: Market Analysis Perspective - Doc Document number: # US50212023
Market Analysis Perspective: Worldwide Cloud-Native XDR and SOC Analytics, 2023 — What Generative AI and Other Analytics Mean Toward Detection and Response
Content
- 24 slides
Get More
When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.
Related Links
Abstract
This IDC Market Analysis Perspective (MAP) provides a perspective on the business environment and best practices of vendors in network detection and response (NDR), security full packet capture, threat intelligence providers (TIP/TISS), cloud-native XDR vendors, firewall automation providers, and security orchestration and response (SOAR). The PowerPoint presentation provides a high-level comparative 2021 revenue to 2022 revenue review, as well as a high-level market forecast for the 2022-2027 period. Seemingly, for cybersecurity products solutions vendors, there are as many tailwinds propping vendors, as there are headwinds that threaten progress (or, at the least profitability of cybersecurity vendors). The 2023 MAP provides a point-in-time review of where these technologies are now, and what the market conditions are in the near-term future.
At IDC, we are careful to acknowledge that artificial intelligence and machine learning (AI/ML) has been a part of cybersecurity platforms for nearly two decades now. Instead of trying to debate whether there is true AI in cybersecurity versus a flavor of ML, it may be easier to simply place machine-driven insights under the umbrella of "analytics."
Instead of getting lost in a battle of semantics, let's understand where security "analytics" are today. At the end of 2022, there was tangible evidence that security automation had reached a new state of efficacy. In September 2022, both Palo Alto Networks and Microsoft announced managed detection and response services. Automation binds the steps that the security operations analyst must take in incident investigation in the collection of artifacts and then ephemeral and then permanent response to an incident. Synergies are created when various stages such as prevention, detection, and response each get incrementally better. All of this occurred before generative AI platforms were introduced in early 2023. Early usage of generative AI seems to help the workflow of SOC analytics in that there is automatic collection of artifacts, assembly of relevant threat intelligence, and guided remediation. The potential is there for the creation of domain-defined code generation which may be a game changer in several cybersecurity fields.