Ep167: Leveraging Amazon Bedrock and Agents for Accelerating Innovation and Engineering with Trellix
Update: 2025-11-05
Description
Trellix's Director of Strategy Zak Krider reveals how they automated tedious security tasks like event parsing and threat detection using Amazon Bedrock's multi-model approach, achieving 100% accuracy while eliminating bottlenecks in their development lifecycle.
Topics Include:
- Trellix merged FireEye and McAfee Enterprise, combining two decades of cybersecurity AI expertise
- Processing thousands of daily security events revealed traditional ML's weakness: overwhelming false positives
- Two years ago, they integrated generative AI to automate threat investigation workflows
- Amazon Bedrock's multi-model access enabled rapid testing and "fail fast, learn fast" methodology
- Built custom cybersecurity testing framework since public benchmarks don't reflect domain-specific needs
- Agentic AI now autonomously investigates threats across dark web, CVEs, and telemetry data
- Amazon Nova builds the investigation plan while Claude executes the detailed threat research analysis
- Launched "Sidekick" internal tool with agents mimicking human developer onboarding processes
- Chose prompt engineering over fine-tuning for flexibility, cost-effectiveness, and faster iteration
- Automated generation of security rules in multiple detection-rule languages, work that typically requires rare specialist developers
- Achieved 100% accuracy in automated event parsing, eliminating tedious manual SOC work
- Key lesson: don't default to one model; test and mix for optimal results
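An added example, not Trellix's framework or any code from the episode, of the shape a domain-specific test harness for LLM event parsing can take: a labelled corpus of raw events, strict structured-output scoring (valid JSON, every expected field exact), per-task accuracy for each model, and a routing table that assigns each task to its best-scoring model. The two model functions are offline stand-ins for Bedrock model invocations and the log lines are constructed; both are assumptions for illustration.

```python
"""Domain-specific evaluation harness for LLM event parsing (added example).

Assumptions: `model_alpha` and `model_beta` are deterministic stand-ins for
calls to two Bedrock-hosted models (a real harness would invoke the models
with a parsing prompt); CORPUS is a constructed, hand-labelled test set.
"""
import json
import re
from typing import Callable, Dict, List

Model = Callable[[str], str]  # raw event in, model text out (what an LLM returns)

# Constructed labelled corpus: each record is one task, one raw event, and
# the ground-truth structured fields the model is expected to extract.
CORPUS: List[Dict] = [
    {"task": "firewall",
     "raw": "Oct 11 22:14:15 fw01 kernel: DROP IN=eth0 SRC=10.0.0.5 DST=198.51.100.7 PROTO=TCP DPT=445",
     "expected": {"action": "DROP", "src": "10.0.0.5", "dst": "198.51.100.7", "dport": "445"}},
    {"task": "firewall",
     "raw": "Oct 11 22:14:16 fw01 kernel: ACCEPT IN=eth1 SRC=192.0.2.9 DST=10.0.0.20 PROTO=TCP DPT=443",
     "expected": {"action": "ACCEPT", "src": "192.0.2.9", "dst": "10.0.0.20", "dport": "443"}},
    {"task": "auth",
     "raw": "Oct 11 22:15:01 bastion sshd[4242]: Failed password for invalid user admin from 203.0.113.4 port 51234 ssh2",
     "expected": {"outcome": "failed", "user": "admin", "src": "203.0.113.4"}},
    {"task": "auth",
     "raw": "Oct 11 22:15:09 bastion sshd[4243]: Accepted publickey for deploy from 10.0.0.8 port 40000 ssh2",
     "expected": {"outcome": "accepted", "user": "deploy", "src": "10.0.0.8"}},
]


def model_alpha(event: str) -> str:
    """Stand-in model A: reliable on firewall lines, stumbles on 'invalid user' sshd lines."""
    m = re.search(r"kernel: (\w+) .*SRC=(\S+) DST=(\S+) .*DPT=(\d+)", event)
    if m:
        return json.dumps({"action": m[1], "src": m[2], "dst": m[3], "dport": m[4]})
    m = re.search(r"(Failed|Accepted) .* for (\w+) from (\S+)", event)
    if m:
        return json.dumps({"outcome": m[1].lower(), "user": m[2], "src": m[3]})
    return "Sorry, I cannot parse this event."  # prose instead of JSON: a real LLM failure mode


def model_beta(event: str) -> str:
    """Stand-in model B: reliable on sshd lines, silently drops DST on firewall lines."""
    m = re.search(r"sshd\[\d+\]: (Failed|Accepted) \w+ for (?:invalid user )?(\w+) from (\S+)", event)
    if m:
        return json.dumps({"outcome": m[1].lower(), "user": m[2], "src": m[3]})
    m = re.search(r"kernel: (\w+) .*SRC=(\S+) .*DPT=(\d+)", event)
    if m:
        return json.dumps({"action": m[1], "src": m[2], "dport": m[3]})  # missing "dst"
    return "{}"


def score(output: str, expected: Dict[str, str]) -> bool:
    """Strict record-level scoring: output must be a JSON object and every
    expected field must be present with exactly the expected value.
    Unparseable output (prose, truncated JSON) counts as a miss, not an error."""
    try:
        got = json.loads(output)
    except json.JSONDecodeError:
        return False
    return isinstance(got, dict) and all(got.get(k) == v for k, v in expected.items())


def evaluate(models: Dict[str, Model], corpus: List[Dict]) -> Dict[str, Dict[str, float]]:
    """Accuracy per model per task, e.g. {"alpha": {"firewall": 1.0, "auth": 0.5}}."""
    tasks = sorted({rec["task"] for rec in corpus})
    results: Dict[str, Dict[str, float]] = {}
    for name, model in models.items():
        results[name] = {}
        for task in tasks:
            recs = [r for r in corpus if r["task"] == task]
            hits = sum(score(model(r["raw"]), r["expected"]) for r in recs)
            results[name][task] = hits / len(recs)
    return results


def pick_routing(results: Dict[str, Dict[str, float]]) -> Dict[str, str]:
    """For each task, route to the model with the highest accuracy
    (ties resolved to the alphabetically first model name)."""
    tasks = next(iter(results.values())).keys()
    return {task: max(sorted(results), key=lambda m: results[m][task]) for task in tasks}


if __name__ == "__main__":
    res = evaluate({"alpha": model_alpha, "beta": model_beta}, CORPUS)
    print(json.dumps(res, indent=2))
    print("routing:", pick_routing(res))
```

Replacing the two stand-ins with real Bedrock invocations leaves the harness unchanged; the point is that accuracy is measured on the structured fields a SOC pipeline actually consumes, so a model that returns fluent prose or drops a field scores zero on that record rather than "almost right".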
Participants:
- Zak Krider - Director of Strategy & AI, Trellix
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/