Building a SOC Team in 2024 - Automation & AI
Description
What is the future of SOC? In this episode Ashish sat down with Allie Mellen, Principal Analyst at Forrester, to explore the current state of security operations and the evolving role of AI in cybersecurity. Allie spoke about why Cloud Detection Response (CDR) might be dead, how Generative AI is failing to live up to its hype in security use cases, and why automation will never fully replace human security analysts.
We get into the challenges faced by SOC teams today, the burnout issue among security analysts, and how adopting detection engineering and eliminating outdated structures could transform the way security teams operate.
Guest Socials: Allie's LinkedIn
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast - YouTube
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:48) A bit about Allie
(03:13) The role of analysts in cybersecurity
(05:56) What is EDR?
(06:30) What is XDR?
(08:42) The impact of GenAI
(10:19) How is GenAI going to impact SOAR?
(14:52) Where to start with SOC?
(24:08) Starting to build your SOC team
(27:32) How should SOC respond to new technology?
(31:48) Expectations from Managed SOC providers
(35:16) Detection challenges for Hybrid Environments
(38:01) Level 2 and 3 SOC in new world
(42:37) What training is required for the SOC team?
(48:49) How will this space evolve?
(51:48) The Fun Questions
Resources spoken about during the interview: