EP242 The AI SOC: Is This The Automation We've Been Waiting For?
Sep 08, 2025•34 min•Season 1Ep. 242
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more
Episode description
Guest:
-
Augusto Barros, Principal Product Manager, Prophet Security, ex-Gartner analyst
Topics:
- What is your definition of "AI SOC"?
- What will AI change in a SOC? What will the post-AI SOC look like?
- What are the primary mechanisms by which AI SOC tools reduce attacker dwell time, and what challenges do they face in maintaining signal fidelity?
- Why would this wave of SOC automation (namely, AI SOC) work now, if it did not fully succeed before (SOAR)?
- How do we measure progress towards AI SOC? What gets better at what time? How would we know? What SOC metrics will show improvement?
- What common misconceptions or challenges have organizations encountered during the initial stages of AI SOC adoption, and how can they be overcome?
- Do you have a timeline for SOC AI adoption? Sure, everybody wants AI alerts triage? What's next? What's after that?
Resources:
- "State of AI in Security Operations 2025" report
- LinkedIn SOAR vs AI SOC argument post
- Are AI SOC Solutions the Real Deal or Just Hype?
- EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
- EP238 Google Lessons for Using AI Agents for Securing Our Enterprise
- EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025
- RSA 2025: AI's Promise vs. Security's Past — A Reality Check
- "Noise: A flaw in human judgement" book
- "Security Chaos Engineering" book (and Kelly episode)
- A Brief Guide for Dealing with 'Humanless SOC' Idiots
For the best experience, listen in Metacast app for iOS or Android