Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the network?
- MTTD
- MTTR
- MTTC
- Time to Control
Answers Explanation & Hints: The common key performance indicator (KPI) metrics compiled by SOC managers are as follows:
• Dwell Time: the length of time that threat actors have access to a network before they are detected and their access is stopped
• Mean Time to Detect (MTTD): the average time that it takes for the SOC personnel to identify that valid security incidents have occurred in the network
• Mean Time to Respond (MTTR): the average time that it takes to stop and remediate a security incident
• Mean Time to Contain (MTTC): the time required to stop the incident from causing further damage to systems or data
• Time to Control: the time required to stop the spread of malware in the network