Sep 8, 2025
Guest:
-
Augusto Barros, Principal Product Manager, Prophet Security, ex-Gartner analyst
Topics:
- What is your definition of “AI SOC”?
- What will AI change in a SOC? What will the post-AI SOC look like?
- What are the primary mechanisms by which AI SOC tools reduce attacker dwell time, and what challenges do they face in maintaining signal fidelity?
- Why would this wave of SOC automation (namely, AI SOC) work now, if it did not fully succeed before (SOAR)?
- How do we measure progress towards AI SOC? What gets better at what time? How would we know? What SOC metrics will show improvement?
- What common misconceptions or challenges have organizations encountered during the initial stages of AI SOC adoption, and how can they be overcome?
- Do you have a timeline for SOC AI adoption? Sure, everybody wants AI alerts triage? What’s next? What's after that?
Resources:
- “State of AI in Security Operations 2025” report
- LinkedIn SOAR vs AI SOC argument post
- Are AI SOC Solutions the Real Deal or Just Hype?
- EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
- EP238 Google Lessons for Using AI Agents for Securing Our Enterprise
- EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025
- RSA 2025: AI’s Promise vs. Security’s Past — A Reality Check
- “Noise: A flaw in human judgement” book
- “Security Chaos Engineering” book (and Kelly episode)
- A Brief Guide for Dealing with ‘Humanless SOC’ Idiots