Report by N-able

The 2025 State of the SOC Report

9 findings · Published Apr 24, 2025

Key Findings

AI now pulls indicators of compromise (IOCs) in as quickly as 10 seconds.

N-able · The 2025 State of the SOC Report · Apr 24, 2025
Tags: AI, IOCs

44% of threat detections originate from the cloud.

Tags: Threat detection, Cloud

56% of threat detections originate from the endpoint.

Tags: Threat detection, Endpoint

86% of security alerts escalate into tickets, which indicates that most alerts still require human validation.

Tags: Security alerts, Vulnerabilities

AI can automate 70% of all incident investigations and threat remediation activity.

Tags: AI, Incident investigation, Threat remediation
