Report by N-able

The 2025 State of the SOC Report

9 FINDINGSPublished Apr 24, 2025
View Original Report →

Key Findings

AI now pulls indicators of compromise (IOCs) in as quickly as 10 seconds.

N-ableThe 2025 State of the SOC Report·1y ago
AIIOCs

44% of threat detections originate from the cloud.

N-ableThe 2025 State of the SOC Report·1y ago
Threat detectionCloud

56% of threat detections originate from the endpoint.

N-ableThe 2025 State of the SOC Report·1y ago
Threat detectionEndpoint

86% of security alerts escalate into tickets, which indicates that most alerts still require human validation.

N-ableThe 2025 State of the SOC Report·1y ago
Security alertsVulnerabilities

AI can automate 70% of all incident investigations and threat remediation activity.

N-ableThe 2025 State of the SOC Report·1y ago
AIIncident investigationThreat remediation

86% of security alerts escalate into tickets, which indicates that most alerts still require human validation.

N-ableThe 2025 State of the SOC Report·1y ago
Security alertsVulnerabilities

AI now pulls indicators of compromise (IOCs) in as quickly as 10 seconds.

N-ableThe 2025 State of the SOC Report·1y ago
AIIOCs

AI can automate 70% of all incident investigations and threat remediation activity.

N-ableThe 2025 State of the SOC Report·1y ago
AIIncident investigationThreat remediation

44% of threat detections originate from the cloud.

N-ableThe 2025 State of the SOC Report·1y ago
Threat detectionCloud