Automating the dispensation and response to common SOC events ensures that real alerts get important eyes from SOC analysts and ISSOs faster. Fewer alerts also means lower likelihood of your teams developing alert fatigue.
Your attackers rely on automation to rapidly scan for potential gaps they can exploit. Your own defenses and automation can close those doors the second suspicious activity is detected, leaving your attackers without the access they want.
By taking likely action in real-time, would-be attackers find themselves outpaced and with limited attack options.