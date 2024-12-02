According to a survey conducted by Rapid7, 62% of organizations get too many alerts. The majority of respondents, or 54%, said their teams were only able to investigate 10 or fewer alerts per day, partly due to how long these investigations take. The password protection policy of a large financial services institution with more than 5,000 employees.

Meanwhile, 90% of respondents said that they are worried about attacks using compromised credentials, while 60% said that they cannot detect these kinds of attacks.

One solution is to use user behavior analytics to spot credentials that are being used in unusual ways, a possible sign that they have been compromised.

Of the 40% of respondents who said they can detect attacks that use compromised credentials, 27% said that they have user behavior analytics in place. Only 21% of respondents said that they are monitoring the use of cloud services with their SIEM, and only 33% said that they have security visibility into cloud services.