In modern network security monitoring, it is not enough to just detect bad things happening. ROI of security operations is always under scrutiny. Security teams, when they exist, and their leadership (CISOs), continually struggle to get budget, at least until a public breach occurs.

Awareness of the overall security posture of a corporate network is difficult to achieve. Threat and risk identification is difficult, and estimating the costs of potential breaches and compliance violations can be wildly off base, usually underestimated, or rejected by other executives or company boards due to many reasons.