Machine learning came to security to increase the signal in systems like SIEMs. The algorithms were meant to do rule manipulations humans never could, and finally put us ahead of the threats that we knew are hiding in our mountains of raw data. What we are learning now is that machine learning is better at cleaning and targeting those data feeds so SIEM’s brute force is acting on good information.