Enterprise networks face challenges due to the increasing volume of security alerts, leading to alert fatigue among SOC analysts.
An Automated Alert Classification and Triage (AACT) system has been developed to automate SOC workflows: it learns from analysts' past actions and predicts their triage decisions accurately in real time.
By automatically closing benign alerts and prioritizing critical ones, the AACT system shrinks the SOC queue and lets analysts focus on severe threats.
In real SOC environments, the AACT system has demonstrated high accuracy, reducing alerts shown to analysts by 61% over six months with a low false negative rate of 1.36%.
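To make the idea concrete, here is an added example, not code from the summarised paper or from the AACT system itself: a small triage model that learns from analysts' past close/escalate verdicts and auto-closes only alerts it is confident are benign, then reports the two numbers that matter in this setting, the fraction of the queue removed and the false negative rate (malicious alerts that were auto-closed). The feature schema, every alert, every verdict and the 0.10 decision threshold are constructed assumptions for illustration, not published AACT details.

```python
"""
Added example (not the AACT system's code): learn alert triage from analyst
verdicts with a categorical naive Bayes model, auto-close only high-confidence
benign alerts, and measure queue reduction and false negative rate.
All schema, alerts, verdicts and thresholds are constructed sample data.
"""
from collections import defaultdict

# Constructed feature schema: each alert is a dict with exactly these keys.
FEATURES = ("rule", "src_zone", "asset_tier", "repeat_bucket")
CLASSES = ("benign", "malicious")


def make_alert(rule, src_zone, asset_tier, repeat_bucket):
    return dict(zip(FEATURES, (rule, src_zone, asset_tier, repeat_bucket)))


# Constructed history of analyst verdicts: "benign" means the analyst closed
# the alert, "malicious" means the analyst escalated it.
HISTORY = [
    (make_alert("port_scan", "vuln_scanner", "low", "many"), "benign"),
    (make_alert("port_scan", "vuln_scanner", "medium", "many"), "benign"),
    (make_alert("failed_login", "corp_lan", "low", "few"), "benign"),
    (make_alert("failed_login", "corp_lan", "medium", "few"), "benign"),
    (make_alert("port_scan", "vuln_scanner", "low", "many"), "benign"),
    (make_alert("failed_login", "vuln_scanner", "low", "many"), "benign"),
    (make_alert("failed_login", "corp_lan", "low", "few"), "benign"),
    (make_alert("c2_beacon", "internet", "high", "few"), "malicious"),
    (make_alert("c2_beacon", "internet", "medium", "few"), "malicious"),
    (make_alert("failed_login", "internet", "high", "many"), "malicious"),
    (make_alert("lateral_movement", "corp_lan", "high", "few"), "malicious"),
    (make_alert("c2_beacon", "internet", "high", "many"), "malicious"),
    (make_alert("lateral_movement", "corp_lan", "high", "many"), "malicious"),
]

# Constructed held-out alerts paired with the verdict an analyst later gave.
HELD_OUT = [
    (make_alert("port_scan", "vuln_scanner", "low", "many"), "benign"),
    (make_alert("c2_beacon", "internet", "high", "few"), "malicious"),
    (make_alert("failed_login", "corp_lan", "low", "few"), "benign"),
    (make_alert("lateral_movement", "corp_lan", "high", "few"), "malicious"),
    (make_alert("failed_login", "internet", "high", "many"), "malicious"),
    (make_alert("port_scan", "internet", "high", "many"), "malicious"),
]


class TriageModel:
    """Categorical naive Bayes with Laplace smoothing. Counts are updated
    online from every analyst verdict, so the model follows current practice."""

    def __init__(self, alpha=1.0):
        self.alpha = alpha
        self.class_counts = {c: 0 for c in CLASSES}
        # counts[feature][class][value] -> alerts of that class with that value
        self.counts = {f: {c: defaultdict(int) for c in CLASSES} for f in FEATURES}
        self.vocab = {f: set() for f in FEATURES}  # values seen per feature

    def update(self, record, verdict):
        """Fold one analyst decision into the counts (online learning)."""
        self.class_counts[verdict] += 1
        for f in FEATURES:
            self.counts[f][verdict][record[f]] += 1
            self.vocab[f].add(record[f])

    def fit(self, history):
        for record, verdict in history:
            self.update(record, verdict)
        return self

    def predict_proba(self, record):
        """P(malicious | alert). Unseen values get only the smoothing mass."""
        total = sum(self.class_counts.values())
        score = {}
        for c in CLASSES:
            s = self.class_counts[c] / total  # class prior
            for f in FEATURES:
                num = self.counts[f][c][record[f]] + self.alpha
                den = self.class_counts[c] + self.alpha * len(self.vocab[f])
                s *= num / den
            score[c] = s
        return score["malicious"] / (score["benign"] + score["malicious"])

    def decide(self, record, auto_close_below=0.10):
        """Auto-close only when P(malicious) is under the (assumed) threshold;
        everything else stays in the analyst queue."""
        return "auto_close" if self.predict_proba(record) < auto_close_below else "escalate"


def evaluate(model, labelled, auto_close_below=0.10):
    """Queue reduction (fraction auto-closed) and false negative rate
    (fraction of truly malicious alerts the model auto-closed)."""
    closed = false_neg = malicious = 0
    for record, truth in labelled:
        auto_closed = model.decide(record, auto_close_below) == "auto_close"
        closed += auto_closed
        if truth == "malicious":
            malicious += 1
            false_neg += auto_closed
    return {
        "auto_closed_fraction": closed / len(labelled),
        "false_negative_rate": false_neg / malicious if malicious else 0.0,
    }


if __name__ == "__main__":
    model = TriageModel().fit(HISTORY)
    for record, truth in HELD_OUT:
        print(f"{model.decide(record):10s} p_mal={model.predict_proba(record):.3f} truth={truth} {record}")
    print(evaluate(model, HELD_OUT))
```

The threshold is deliberately asymmetric: a benign alert that is escalated costs an analyst a few minutes, while a malicious alert that is auto-closed is a missed incident, so the auto-close bar is set on the malicious probability rather than on the majority class. The `update` method is what makes the system follow analysts rather than replace them: each verdict an analyst gives on an escalated alert feeds back into the counts, and a run of benign verdicts on a pattern the model was unsure about lowers its malicious score for that pattern the next time it appears.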