Responding to cybersecurity events quickly and accurately is vital to every organization. However, large amount of alerts and logs often increase incident handling time.

The authors of this paper introduce a Speculating Incident Zone (SPINZ) which analyzes internal network flows and detects an incident zone composed of devices related to the incident, thereby improving response times.

https://www.riverpublishers.com/journal_read_html_article.php?j=JCSM/8/3/3