SIEMs now process an average of 259 log types and nearly 24,000 unique log sources, providing more than enough telemetry to detect over 90% of MITRE ATT&CK techniques (an increase of three percent from 2024) – but manual, error-prone detection engineering practices continue to limit actual coverage.
SIEMs now process an average of 259 log types and nearly 24,000 unique log sources, providing more than enough telemetry to detect over 90% of MITRE ATT&CK techniques (an increase of three percent from 2024) – but manual, error-prone detection engineering practices continue to limit actual coverage. — This cybersecurity statistic was published by CardinalOps in June 2025. It covers topics including SIEM. The original data appears in 2025 State of SIEM Report. For the full methodology and detailed findings, refer to the original report.
Share or Copy this stat
Frequently Asked Questions
What does this statistic say?
SIEMs now process an average of 259 log types and nearly 24,000 unique log sources, providing more than enough telemetry to detect over 90% of MITRE ATT&CK techniques (an increase of three percent from 2024) – but manual, error-prone detection engineering practices continue to limit actual coverage. This data was published by CardinalOps and covers SIEM.
Where does this data come from?
This statistic comes from 2025 State of SIEM Report, published by CardinalOps on June 5, 2025. You can view the original report at https://cardinalops.com/white-papers/2025-state-of-siem-report-download/.
What cybersecurity topics does this cover?
This statistic relates to SIEM. Browse more statistics on SIEM or from CardinalOps.