AI is reshaping how companies protect themselves against cyber threats, according to new research from ISG Software Research.
Enterprises are building layered cybersecurity defense systems that combine access controls, endpoint monitoring, and data recovery, and artificial intelligence is helping these systems adapt faster and work more effectively.
Security is becoming more complex as threats evolve and attack surfaces expand. In response to this, organizations are adopting integrated software platforms designed to detect, prevent, and recover from incidents quicker.
A new set of reports from ISG outlines how AI is being embedded in nearly every category of cybersecurity software, from identity and access management to data backup.
The research draws on more than a year of analysis and ranks 57 cybersecurity software providers across four key segments: security information and event management (SIEM), identity and access management (IAM), endpoint detection and response (EDR), and data recovery.
It offers performance evaluations across product capabilities and customer experience, aiming to guide IT leaders and decision-makers in selecting the right tools for today’s and tomorrow’s risks.
SIEM forms the core of many modern security frameworks. These systems collect and analyze security data from multiple sources, allowing teams to monitor behavior patterns and spot threats in real time.
ISG notes that providers are now using generative AI to automate these processes, speeding up the identification of anomalies and even drafting response recommendations in natural language.
AI is also transforming IAM software. These tools help businesses control who can access which systems and when.
Streamlining cybersecurity
With the growing number of human and machine users, automation is becoming essential. ISG highlights how generative AI can streamline tasks like provisioning and revoking user access.
Looking ahead, agentic AI may enable IAM systems to make more decisions on their own, responding to changing threats by adjusting user permissions without human intervention.
EDR software, which keeps watch over endpoints like laptops and phones, is also benefitting from AI-driven analysis. By prioritizing alerts based on risk, and scanning telemetry data more efficiently, AI-enhanced EDR platforms can help teams focus on the most urgent threats without getting overwhelmed by false positives.
ISG’s research also notes the importance of data recovery tools in dealing with ransomware and other such devastating attacks. These tools are gaining features such as continuous data protection, which enables recovery to any point in time.
ISG says that by 2027, most enterprises will have adopted this approach to safeguard critical data and minimize downtime.
Across all categories, the top-ranked software vendors are integrating AI in ways that improve both performance and usability. Microsoft was a consistent leader, topping three of the four platform categories and scoring highly in most evaluation areas.
Other notable leaders included IBM, Oracle, Splunk, AWS, SentinelOne, and Palo Alto Networks. Some providers were recognized for innovation, such as SentinelOne in EDR and Delinea in IAM.
Each platform category was assessed using seven criteria. Five addressed the product itself: capability, usability, manageability, adaptability, and reliability. The other two focused on customer assurance: validation and total cost of ownership. ISG identified leaders in each category and then named overall leaders for each platform based on combined scores.
For SIEM, Microsoft, Splunk, and ManageEngine earned top honors. In IAM, Microsoft, IBM, and Oracle led the way. In EDR, Microsoft ranked first, followed by SentinelOne and Palo Alto Networks. For data recovery, AWS took the top spot, with Microsoft and IBM tied in second place.
ISG describes its Buyers Guides as independent research, conducted without sponsorship, to provide objective insights for enterprise software planning.
“Effective cybersecurity in enterprises requires a unified approach covering all types of attacks and all means of prevention and recovery,” said Mark Smith, partner and chief software analyst, ISG Software Research. “The software to build this type of defense is rapidly evolving, and changes caused by AI and future quantum computing will require the right software partners. Our ratings and rankings of cybersecurity software, in the context of an end-to-end approach, guide enterprises and CISOs that seek to supercharge existing frameworks for an unknown future.”
What do you think about AI’s growing role in enterprise cybersecurity? Let us know in the comments.
Image Credit: BiancoBlue / Dreamstime.com
