The use of detective analytics is now a central piece of security architectures, as security professionals are increasingly encountering a needle-in-the-haystack problem. Security tools – especially rule-based ones – as well as systems, applications, and infrastructure, create so much data that it's tough to uncover the signal of a real attack.