Case Study: University of Oklahoma cuts escalations from 350 to 2–9 per week with Respond Software

University of Oklahoma - Customer Case Study

The University of Oklahoma, responsible for roughly 90,000 user accounts and more than 120,000 devices at peak, faced an overwhelming security signal problem: IDS/IPS and firewall sensors produced on the order of 80 million events per week and about 350 escalated alerts weekly, while a small security team (largely students) tried to both train future analysts and protect institutional data. To address this, OU engaged Respond Software and evaluated its Respond Analyst decision‑automation platform to reduce noise and make triage manageable.

Respond Software deployed the Respond Analyst to mimic human analyst decision‑making and automatically vet events, cutting the team’s escalated workload from ~350 alerts/week to just 2–9 vetted incidents/week — the vendor reports this equates to adding the capacity of 68 human analysts and a 99% reduction in noise (with a 100% accuracy claim over a one‑week period). As a result, OU has faster, more focused incident response, reduced malware and data‑exfiltration risk, improved staff confidence, and a path toward expanded 24x7 coverage.

University of Oklahoma

Aaron Baillio

Deputy CISO