AI and the Autonomous SOC - Separating Hype from Reality - Justin Beals, Itai Tevet - ESW #384
Description
There have been a lot of bold claims about how generative AI and machine learning will transform the SOC. Ironically, the SOC was (arguably) invented only because security products failed to make good on bold claims. The cybersecurity market is full of products that exist only to solve the problems created by other security products (Security Analytics, SOC Automation, Risk-Based Vulnerability Management).
Other products are natural evolutions and pick up where others leave off. In this interview, we'll explore what AI can and can't do, particularly when it comes to alert triage and other common SOC tasks.
Segment Resources:
- From Forrester: Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams)
- From Intezer: Mastering SOC Automation in 2024: Tips, Trends and Tools
- The Future of SOC Automation Platforms
- SentinelOne wants to make the autonomous SOC a reality
Naturally, the next approach to try is a federated one. How do we break down cybersecurity into more bite-sized components? How do we alleviate all this CISO stress we've heard about, and make their job seem less impossible than it does today?
This will be a more standards and GRC focused discussion, covering:
- the reasons why cross-walking doesn't work
- the reasons why traditional TPRM approaches (e.g. questionnaires) don't work
- opportunities for AI to help
- risk management or sales support?
This week in the enterprise security news,
- Upwind Security gets a massive $100M Series B
- Trustwave and Cybereason merge
- NVIDIA wants to force SOC analyst millennials to socialize with AI agents
- Has the cybersecurity workforce peaked?
- Why incident response is essential for resilience
- an example of good product marketing
- who is Salvatore Verini, Jr. and why does he have all my data?
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-384