What's frustrating security analysts on a daily basis? When we asked that question in our recently published 'Voice of the SOC Analyst' survey, the number one answer was "spending time on manual work" like reporting, monitoring, and detection.
Why would that frustrate them? Manual tasks are repetitive, mundane, and tedious, and force analysts to spend most of their day or week chasing down answers or following up on alerts, only to do it again the next day. We also uncovered that the top tasks analysts are spending the most time on every day — reporting, monitoring, and detection — are the tasks they like the least. It's frustrating because they're not able to do what they really should be doing: analysis.
Manual work has long been part of an analyst's job. But why should they continue to do these manual tasks when they could automate those tasks, freeing them up to do more strategic and high-impact work that they want to do — and that their organizations would benefit from?
At Tines, we're dedicated to empowering security teams with no-code automation. Here are seven tasks analysts would automate today if they had the tools.
Top seven tasks security analysts think should be automated
If analysts had access to tools to automate specific tasks tomorrow, which tasks would they choose to automate first?
Risk assessments (24.8%): Analysts spend so much time assessing risks as they crop up that it's the first task they would automate. Detection, monitoring, and risk evaluation don't need a human involved initially, and assessment can be automated so that analysts only get pulled in to apply their judgment when higher-risk threats are detected.
Intelligence analysis (19.2%): Similarly, analysts spend so much time interrogating threats that intelligence analysis is another task they would automate. Automating this task would allow alerts to arrive with richer, more actionable context so that an analyst can respond f