CISO • PREVENTION

    Prevention Success Rate

    Measures auto-containment effectiveness: what was blocked, what required manual intervention, and overall response time.

    What it shows

    This metric is a direct measure of resilience. It shows how often QuantLayer prevented escalation automatically—reducing reliance on human speed during incidents.

    How it’s calculated

    • Auto-contained count: quarantines, session terminations, access denials, traffic filtering actions.
    • Manual interventions: tickets that required human approval or operator intervention.
    • Response time: time from detection → containment (median and average).

    What to do next

    1. 1
      Increase automation
      for repeatable high-confidence detections.
    2. 2
      Reduce manual steps
      by pre-approving playbooks for specific asset classes.
    3. 3
      Set containment SLAs
      by severity and validate compliance monthly.
    4. 4
      Use this for ROI
      : quantify hours saved and downtime avoided.

    KPIs to watch

    Success rate
    %
    Manual interventions
    count
    Avg response
    seconds

    Why this matters to a CISO

    AI only works if it’s trustworthy
    If models drift or confidence drops, you’re flying blind. This keeps the AI layer honest.
    Drift is normal in OT
    New firmware, new shifts, new processes—all cause drift. You need to detect it early before it erodes detection quality.
    Confidence drives automation
    You can’t let AI auto-contain based on shaky confidence. This metric ensures automation stays aligned with risk appetite.
    Feedback loops improve accuracy
    Every analyst decision sharpens the models. This closes the loop between human intelligence and machine learning.
    Reference UI Screenshot
    Prevention Success Rate screenshot