Zero-Day Attacks, Advanced Persistent Threats, and other types of unknown malware have been specifically constructed to bypass modern defense. Thus, improved threat detection is essential. We have become too dependent on threat detection software and devices. Threat monitoring, detecting behavioral changes, can overcome the limitations of signature-based intrusion detection and anti-malware heuristic analysis ... but only after analysis by the human brain.
This presentation accepts that attacks are inevitable and that detection is critical for containment. However, the machine alone cannot determine whether a threat is real. The human brain is needed.