Security firm Arctic Wolf has warned that context is essential for distinguishing legitimate activity from actual cyberattacks, with its latest report finding that 71% of alerts received by customers between May 2024 and April 2025 were ultimately false alarms, Cybersecurity Dive reports.Based on analysis of more than 10,000 customer environments, the report noted that alerts frequently stemmed from routine business actions such as login attempts from unusual locations, firewall rule changes, or email forwarding modifications.The study emphasized that without full telemetry and context, separating malicious behavior from benign activity can consume significant time and resources. The report also highlighted that identity-based threats are rising, with 72% of interventions tied to compromised accounts or password resets.Arctic Wolf said AI is playing a growing role in triaging alerts, with its own platform filtering 10% of alerts, or over 860,000 instances, reducing the burden on human analysts and allowing teams to focus on real risks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds