Deterministic analysis yields factual, explainable results. The cause will be specific, and there are low numbers of false positive reports.

Probabilistic analysis does not yield definitive results. With larger datasets, the accuracy increases, but probabilistic results will never reach the accuracy of deterministic analysis. Probabilistic analysis normally highlights more suspicious events, but some of these will be False Positives.

When a probabilistic analysis is conducted, the operators must decide what they think the cause is, and therefore how to prioritize the incident. To do this, they must decide what is the most likely threat, but also which is the most dangerous threat that fits with the observed symptoms (and everything in between). They can then look at the risks involved (severity combined with likelihood).