"More visibility means more signals to analyze. More policies generate more signals. In fact, when an organization doubles their policies we see an approximately 6x increase in the amount of first layer alerts. That means six times as much that needs to be analyzed, either manually or by a second layer of analytics." Read the collaborative report from Cyentia & Securonix: https://www.securonix.com/resources/quantifying-siem-effectiveness/ #infosec #cybersecurity