Guest:
- Dennis Chow, Director of Detection Engineering at UKG
Topics:
SIEM and SOC Artificial Intelligence
Topics covered:
- We ended our season talking about the AI apocalypse. In your opinion, are we living in the world that the guests describe in their apocalypse paper?
- Do you think AI-powered attacks are really here, and if so, what is your plan to respond? Is it faster patching? Better D&R? Something else altogether?
- Your team has a hybrid agent workflow: could you tell us what that means? Also, define “AI agent” please.
- What are your production use cases for AI and AI agents in your SOC?
- What are your overall SOC metrics and how does the agentic AI part play into that?
- It's one thing to ask a team "hey what did y'all do last week" and get a good report - how are you measuring the agentic parts of your SOC?
- How are you thinking about what comes next once AI is automatically writing good (!) rules for your team out of research blog posts and TI papers?