We are happy to introduce new features to improve your experience with our platform. Here's what's included in this release:
What’s New
- MTTD - Mean Time to Detect
MTTD measures the average time taken to detect a security incident: the time between ingestion of a raw log event and the raising of the signal for that event. MTTD helps with the following:
- Early Threat Identification: MTTD allows security teams to assess how quickly they can identify potential security incidents. A lower MTTD means quicker detection, reducing the time attackers have to cause damage.
- Reducing Incident Impact: Faster incident detection leads to quicker responses, which can limit the scope of damage, data loss, or disruption. A low MTTD minimizes the window for attackers to exploit vulnerabilities.
- Improving Security Posture: MTTD is a key metric in continuous improvement processes. Tracking it over time helps organizations refine detection mechanisms, rules, and policies in their SIEM system to reduce detection times further.
- Compliance and Reporting: Many industries have regulations requiring that incidents be detected and reported within a certain timeframe. MTTD ensures that organizations comply with these requirements by providing a measurable way to track detection speed.
Note: The Time to Detect (TTD) will be calculated daily at midnight for each region. TTD values will be calculated for signals generated on or after the feature release date.
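The calculation described above, as an added example that is not the platform's own code: TTD per signal is the signal time minus the ingestion time, averaged per region and day, with signals raised before the release date left out. The field names, sample records, release date, and UTC day boundary are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed placeholder: the page does not state the release date.
RELEASE_DATE = datetime(2024, 1, 10, tzinfo=timezone.utc)

# Constructed sample signals; the field names are hypothetical.
SIGNALS = [
    {"region": "us", "ingested_at": "2024-01-09T23:50:00+00:00",
     "signal_at": "2024-01-09T23:58:00+00:00"},  # raised before release
    {"region": "us", "ingested_at": "2024-01-10T08:00:00+00:00",
     "signal_at": "2024-01-10T08:02:00+00:00"},
    {"region": "us", "ingested_at": "2024-01-10T09:00:00+00:00",
     "signal_at": "2024-01-10T09:04:00+00:00"},
    {"region": "eu", "ingested_at": "2024-01-10T23:59:00+00:00",
     "signal_at": "2024-01-11T00:01:00+00:00"},  # crosses midnight
    {"region": "eu", "ingested_at": "2024-01-11T10:00:00+00:00",
     "signal_at": "2024-01-11T09:59:00+00:00"},  # clock skew
]


def daily_mttd(signals, release_date=RELEASE_DATE):
    """Return ({(region, day): mean TTD in seconds}, rejected_records)."""
    buckets = defaultdict(list)
    rejected = []
    for s in signals:
        ingested = datetime.fromisoformat(s["ingested_at"])
        raised = datetime.fromisoformat(s["signal_at"])
        if raised < release_date:
            continue  # only signals generated on or after the release date
        ttd = (raised - ingested).total_seconds()
        if ttd < 0:
            # A signal "before" its own event means skewed clocks; averaging
            # it in would make detection look faster than it is.
            rejected.append(s)
            continue
        # Assumption: the day boundary is UTC midnight and a signal counts
        # toward the day it was raised, not the day its event was ingested.
        day = raised.astimezone(timezone.utc).date().isoformat()
        buckets[(s["region"], day)].append(ttd)
    mttd = {key: sum(vals) / len(vals) for key, vals in buckets.items()}
    return mttd, rejected


if __name__ == "__main__":
    result, bad = daily_mttd(SIGNALS)
    for (region, day), seconds in sorted(result.items()):
        print(f"{day} {region}: MTTD {seconds:.0f}s")
    print(f"rejected (negative TTD): {len(bad)}")
```

Keeping the rejected records visible matters when the metric is used for reporting: a growing count points at timestamp or ingestion problems rather than faster detection.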