AI Strengthening Cybersecurity Software — ISG - July 10th, 2025

Growing and evolving security threats make it increasingly important for enterprises to deploy advanced cybersecurity software and to understand its intricacies and capabilities, according to new research from global AI-centered technology research and advisory firm Information Services Group (ISG).

The ISG Buyers Guides for Cybersecurity, produced by ISG Software Research, provide the rankings and ratings of 57 software providers and their products that address enterprise cybersecurity needs. The research is designed to help enterprise security leaders make informed decisions on selecting and deploying tools to foster a safer digital environment. The research finds that a growing majority of organizations will use advanced security software in the coming years as generative AI transforms the capabilities of these products.

Unlike in business application software, there is no one cybersecurity provider with a complete offering to address all enterprise security challenges. Reacting to new vulnerabilities and an amorphous attack surface puts security teams at a disadvantage.

“Given the massive financial and reputational damage data breaches can cause, proactive strategies for identity management, data recovery and threat detection and response are essential,” said Jeff Orr, director, ISG Software Research. “Providers are using AI to improve all categories of security software, so enterprises need to stay informed to know what is possible.”

The backbone of modern cybersecurity operations is security information and event management (SIEM), a comprehensive system for collecting, aggregating and analyzing security data from multiple sources, the research finds. By centralizing logs and security events from network devices, servers and applications, SIEM platforms offer real-time visibility into incidents and analyze the data so security teams can detect patterns of malicious behavior. SIEM also helps companies comply with data privacy regulations by providing audit trails and required controls.

Providers are enhancing SIEM platforms with GenAI by automating anomaly detection and responses to threats, the research shows. AI algorithms can constantly process vast amounts of security data. GenAI-enabled natural-language processing automates investigations of security alerts and generates detailed narratives and recommendations.

Identity and access management (IAM) integrates with SIEM to perform a crucial role in enterprise security, managing user identities and access permissions for employees, contractors, partners and the growing number of non-human identities that need to access enterprise resources, ISG finds. Using GenAI, IAM software providers automate routine functions such as provisioning and de-provisioning of user accounts, streamlining enterprise processes. In the future, agentic AI may enable fully autonomous management of access controls and user identities, proactively adjusting permissions based on emerging threats or changes in user roles.

Endpoint detection and response (EDR) software, which monitors endpoints for suspicious behaviors and indicators that they have been compromised, is another valuable tool for enterprise resilience against sophisticated cyberattacks, the research shows. GenAI enables EDR software to automatically analyze endpoint telemetry and prioritize alerts based on risk.

To learn more, visit: www.isg-one.com