Go back

More Tools, More Problems?

Too many security tools generate as much additional work as they do alerts: the best reduce both risk and toil.

Industry Insights
September 3, 2025
4m read
4m read
4m listen
4m watch
4m watch
More Tools, More Problems HeaderMore Tools, More Problems Thumbnail
speakers
speakers
speakers
authors
Patrick Duffy
participants
No items found.
share

Too many security tools generate as much additional work as they do alerts: the best reduce both risk and toil.

I came across a thread on r/cybersecurity the other day that really struck a nerve. The original post hit on a statistic brought up at M365 in New York that organizations with 12 or more tools in their security stack were seeing nearly three times as many incidents as others. 

The discussion in that thread covered the expected range of opinions, and it hit home with me, because the underlying issues are among the core problems that we’re trying to solve here at Material.

Spoiled for choice

The end goal of adding new tools to your security stack is, obviously, to protect your environment somehow: to detect more threats, harden your posture, give your team more visibility, or some combination thereof. 

We’ve got no shortage of options for tools in the security industry. We’ve all seen some variation of the security vendor landscape map, and they’re all seeing-eye charts of tiny logos floating in a sea of vendors. 

There’s a reason all those vendors exist and so many of them not only stay in business but thrive: because most of them are at least pretty good at what they do. They detect the threats, misconfigurations, vulnerabilities, and other risks lurking in your environment. And if you choose your new tools with at least some degree of competence, each new tool will find problems that your existing toolset couldn’t… otherwise, why buy the tool.

But where so many security tools miss the mark is that while they may be great at finding problems, many (most?) are not so great at helping you fix them. 

Visibility isn’t the enemy

When you add a new tool to your stack and suddenly see more incidents and alerts, it’s not because your environment suddenly got riskier: it’s because you’re shining light on things you couldn’t see before. That’s a good thing. Nobody wants to be flying blind. 

But visibility alone doesn’t make your life easier. In fact, it usually makes it harder because now you’re buried under another feed of alerts, another dashboard, and another pile of “maybe bad” signals to sort through.

Shiny new tool, terrifying new workload

If you’ve ever trialed a tool that bragged about “catching everything,” you know what happens next: your team spends half the day chasing false positives, manually correlating signals, and reconciling dashboards. Some email security and SaaS tools are especially guilty of this — they flood you with “detections” that look impressive in a demo but turn into chores in production.

That’s not security. That’s overhead. The end result is that your new tool detected a bunch of new problems that existed before, but you were blissfully ignorant of. Now, they’re a new problem to solve.

And this is where skeptics of point solutions and buying a slew of best-in-breed products have a bit of a point: too many detection tools flood you with alerts. That now-old joke that the “R” is silent in most “detection and response” tools exists for a reason and still rings true today. Every “AI-powered” inbox filter or “next-gen” anomaly detector loves to hand you a dashboard of possible problems.

There’s a certain saturation point where too many signals–even strong, valid ones–become noise in and of themselves. Particularly for lean security teams, being buried in blinking red lights doesn’t solve the problems you’re suddenly detecting. You burn cycles chasing false positives, reconciling dashboards, and manually triaging junk. Which, not coincidentally, is how a lot of so-called email security platforms end up being more pain than protection.

The right way forward

The reality is there’s no “correct” number of tools in your stack, obviously. Every organization is different, with different needs and security teams of different sizes and specialties. 

The number of tools you’re using doesn’t matter, what matters is whether a tool:

  • Closes a blind spot left by your other tools that actually matters
  • Automates as much work as realistically possible
  • Gives you a clear outcome instead of another “insight” to babysit

If a tool can’t check at least two of those boxes… is it really worth it? 

I’ve seen this dynamic play out across different parts of the industry. Teams add tools because they want to be safer–and in many cases they get the visibility they need. But far too often, the tools can’t effectively operationalize the information they provide.

What separates the products that last from the ones that get ripped out is usually pretty simple: they reduce risk and reduce toil. 

That’s the north star in my work now. The best security tools don’t just tell you what’s wrong, they help you fix it. They give you peace of mind and they give you and your team time back, so you can put that mental energy into pushing your business and your security strategy forward, rather than playing whack-a-mole on yet another console.

Frequently Asked Questions

Find answers to common questions and get the details you need.

No items found.

Related posts

Our blog is your destination for expert insights, practical tips, and the latest news in technology. Stay informed with our regular updates and in-depth articles. Join the conversation and enhance your understanding of the tech landscape.

blog post

Hack Week 2025 Recap

Our annual Hack Week brings together cross-functional teams to rapidly prototype creative ideas, inspired by customer insights, that improve our product and foster collaboration, innovation, and team bonding.

Abhishek Agrawal
3
m read
Read post
Podcast

Hack Week 2025 Recap

Our annual Hack Week brings together cross-functional teams to rapidly prototype creative ideas, inspired by customer insights, that improve our product and foster collaboration, innovation, and team bonding.

3
m listen
Listen to episode
Video

Hack Week 2025 Recap

Our annual Hack Week brings together cross-functional teams to rapidly prototype creative ideas, inspired by customer insights, that improve our product and foster collaboration, innovation, and team bonding.

3
m watch
Watch video
Downloads

Hack Week 2025 Recap

Our annual Hack Week brings together cross-functional teams to rapidly prototype creative ideas, inspired by customer insights, that improve our product and foster collaboration, innovation, and team bonding.

3
m listen
Watch video
Webinar

Hack Week 2025 Recap

Our annual Hack Week brings together cross-functional teams to rapidly prototype creative ideas, inspired by customer insights, that improve our product and foster collaboration, innovation, and team bonding.

3
m listen
Listen episode
blog post

Solidifying Security Culture Empowers Your First Line of Defense

A strong security culture is easy to talk about but hard to achieve. Making sure your tech stack and your processes support your people is a critical first step.

Nate Abbott
4
m read
Read post
Podcast

Solidifying Security Culture Empowers Your First Line of Defense

A strong security culture is easy to talk about but hard to achieve. Making sure your tech stack and your processes support your people is a critical first step.

4
m listen
Listen to episode
Video

Solidifying Security Culture Empowers Your First Line of Defense

A strong security culture is easy to talk about but hard to achieve. Making sure your tech stack and your processes support your people is a critical first step.

4
m watch
Watch video
Downloads

Solidifying Security Culture Empowers Your First Line of Defense

A strong security culture is easy to talk about but hard to achieve. Making sure your tech stack and your processes support your people is a critical first step.

4
m listen
Watch video
Webinar

Solidifying Security Culture Empowers Your First Line of Defense

A strong security culture is easy to talk about but hard to achieve. Making sure your tech stack and your processes support your people is a critical first step.

4
m listen
Listen episode
blog post

Beyond the Inbox: Unifying Cloud Workspace Security

Material offers a modern, comprehensive strategy that unifies cloud workspace protection across email, files, and user accounts. The platform leverages the rich APIs and audit logs available in Google Workspace and Microsoft 365 to create a cohesive security solution that connects the dots between what traditional point solutions often miss.

Material Security Team
12
m read
Read post
Podcast

Beyond the Inbox: Unifying Cloud Workspace Security

Material offers a modern, comprehensive strategy that unifies cloud workspace protection across email, files, and user accounts. The platform leverages the rich APIs and audit logs available in Google Workspace and Microsoft 365 to create a cohesive security solution that connects the dots between what traditional point solutions often miss.

12
m listen
Listen to episode
Video

Beyond the Inbox: Unifying Cloud Workspace Security

Material offers a modern, comprehensive strategy that unifies cloud workspace protection across email, files, and user accounts. The platform leverages the rich APIs and audit logs available in Google Workspace and Microsoft 365 to create a cohesive security solution that connects the dots between what traditional point solutions often miss.

12
m watch
Watch video
Downloads

Beyond the Inbox: Unifying Cloud Workspace Security

Material offers a modern, comprehensive strategy that unifies cloud workspace protection across email, files, and user accounts. The platform leverages the rich APIs and audit logs available in Google Workspace and Microsoft 365 to create a cohesive security solution that connects the dots between what traditional point solutions often miss.

12
m listen
Watch video
Webinar

Beyond the Inbox: Unifying Cloud Workspace Security

Material offers a modern, comprehensive strategy that unifies cloud workspace protection across email, files, and user accounts. The platform leverages the rich APIs and audit logs available in Google Workspace and Microsoft 365 to create a cohesive security solution that connects the dots between what traditional point solutions often miss.

12
m listen
Listen episode
blog post

Defusing Email Bomb Attacks with Material Security

Material delivers a new solution to a resurgent threat: automated remediations to email flooding attacks.

Nate Abbott
5
m read
Read post
Podcast

Defusing Email Bomb Attacks with Material Security

Material delivers a new solution to a resurgent threat: automated remediations to email flooding attacks.

5
m listen
Listen to episode
Video

Defusing Email Bomb Attacks with Material Security

Material delivers a new solution to a resurgent threat: automated remediations to email flooding attacks.

5
m watch
Watch video
Downloads

Defusing Email Bomb Attacks with Material Security

Material delivers a new solution to a resurgent threat: automated remediations to email flooding attacks.

5
m listen
Watch video
Webinar

Defusing Email Bomb Attacks with Material Security

Material delivers a new solution to a resurgent threat: automated remediations to email flooding attacks.

5
m listen
Listen episode
Privacy Preference Center

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.