Anvilogic and the SANS Institute Launch First Comprehensive Detection Engineering Report, A Fast-Evolving Field Critical to Modern Security
PALO ALTO, CA / ACCESS Newswire / February 19, 2025 / Anvilogic, the industry's first detection engineering platform that works across SIEMs and data lakes, today published the 2025 State of Detection Engineering Report in partnership with the SANS Institute, the most trusted resource for information security training, cybersecurity certifications and research. This is the industry's first comprehensive detection engineering survey report, which captures insights from security experts with detection engineering responsibilities. It sheds light on the changing role of this field as it becomes critical to modern security and is increasingly an issue that has board-level visibility and reporting.
"Detection engineering has evolved from a niche capability to a critical function that organizations are actively investing in today," said Kevin Gonzalez, VP of Security and Data, Anvilogic. "While it has gained board-level attention, our findings underscore the pressing need for robust data management, specialized skills like threat modeling and data engineering, and security leadership that understands the strategic importance of the rising function to fully realize its potential. We hope the insights in this report equip detection engineers and CISOs with the data needed to better understand the importance of detection engineering in driving smart investments."
Key insights covered in the report include:
The Rise of Detection Engineering
Detection engineers surveyed reported investment is surging, with 80% of organizations and 85% of large enterprises actively investing in the function. 60% have dedicated teams, signaling a clear shift from adoption to strategic priority.
While 67% of detection engineers report strong leadership backing and board-level visibility, those without support cite leadership's misunderstanding of the discipline as a primary barrier.
Detection Engineering Effectiveness and Skillsets
67% of respondents identify behavior-based detection as the most effective technique
81% report improved accuracy from custom detections tailored to their specific environment
Only 45% of organizations have adequate access to necessary data feeds to achieve their threat detection objectives, highlighting a significant operational gap
Threat modeling (53%) and data engineering (52%) top the list of critical skills that still need development
Future Outlook - AI and Automation
88% anticipate AI will significantly impact their operations within three years, but only 45% currently use AI in their detection engineering programs
93% of organizations either use or are planning to implement automation in their workflows within the next 12 months
The 2025 State of Detection Engineering report reveals an up-and-coming cybersecurity role at a pivotal moment where organizations increasingly recognize detection engineering not merely as a technical function but as a strategic imperative. While most organizations surveyed are investing in detection engineering capabilities and leadership support is strong, significant challenges around data accessibility, specialized skills, and resource allocation persist. Organizations must bridge these gaps through dedicated teams, improved education about the strategic value of the function, robust data management, and thoughtful integration of AI and automation to close resource constraints.
Read the full report here, and register for our upcoming webinar taking place on February 25 at 3:30 p.m. to dive deeper into the key takeaways from this report.
About Anvilogic
Anvilogic gives security teams the freedom to build and scale detection engineering across their security stack - without vendor lock-in or data silos. Whether deploying behavioral-based detections in a SIEM, data lake, or both, teams never have to choose between data visibility and cost. With Anvilogic, security teams can measure and align detection coverage to their unique threat priorities, build correlated detections tailored to their environment, and reduce manual maintenance with a security copilot that builds, tunes, and fixes broken rules. Trusted by leading security teams across finance, technology, and healthcare, Anvilogic helps enterprise organizations detect threats at scale and save millions of dollars. Learn more at www.anvilogic.com and follow us on LinkedIn.
Media Inquiries
Danielle Dougan
York IE for Anvilogic
ddougan@york.ie
SOURCE: Anvilogic
