Tag: soc
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, training
Treat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review. “The moment your team starts treating an AI-generated answer as a finished work product, you have…
-
AI SOC Firm Tenex Raises $250M to Drive Faster Response
Founder and CEO Eric Foster Wants to Reduce Dwell Time and Scale Engineering Teams. Tenex plans to use its $250 million Series B funding to expand its AI-driven SOC platform and hire hundreds of engineers. The company aims to improve alert coverage, automate response and reduce attacker dwell time while maintaining human oversight for complex…
-
Beyond Alert Fatigue: What European SOCs Actually Struggle With
Results from a survey of SOC professionals in the region on the state of AI in SecOps in Europe. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/beyond-alert-fatigue-what-european-socs-actually-struggle-with/
-
3 SOC Process Fixes That Unlock Tier 1 Productivity
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary…
-
How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
AI SOC agents can reduce alert fatigue, but most teams fail to measure real outcomes. Prophet Security breaks down Gartner’s questions for evaluating AI SOC agents and separating real impact from hype. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-to-evaluate-ai-soc-agents-7-questions-gartner-says-you-should-be-asking/
-
GPT Can’t Trace an Attack Chain. A Purpose-Built Cybersecurity LLM Can.
A purpose-built cybersecurity LLM is trained on security data from the ground up, not a general-purpose model with a security prompt. Here’s why the architecture matters for SOC operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/gpt-cant-trace-an-attack-chain-a-purpose-built-cybersecurity-llm-can/
-
Arctic Wolf and Wiz Jointly Help Organizations Understand and Mitigate Cloud Threats
Arctic Wolf and Wiz (now part of Google Cloud) have announced a partnership that includes a new integration between Wiz and the <>. The partnership follows Arctic Wolf's recent announcements of the launch of the ready-to-use Aurora Agentic SOC and the Aurora Superintelligence Platform, which help organizations operationalize trustworthy AI in security operations. […] First seen on…
-
AI SOC vendors are selling a future that production deployments haven’t reached yet
Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/26/future-ai-soc-vendor-claims/
-
Seceon Wins Four Global InfoSec Awards at RSA 2026 and Launches ADMP and SeraAI 2.0 Autonomous SOC
Open Threat Management platform sweeps four award categories at RSA Conference while announcing ADMP and SeraAI 2.0. SAN FRANCISCO, March 24, 2026 /PRNewswire/, Seceon Inc., developer of the Open Threat Management (OTM) Platform, today announced four wins at Global InfoSec Awards 2026, presented at RSA Conference. The awards span MSSP enablement, critical infrastructure protection, First…
-
Inside RSA 2026: Security Leaders Grapple With AI’s Growing Role and Risks
RSA Conference 2026 spotlights AI in cybersecurity, from SOC automation to governance challenges, as experts weigh trust, control, and risk. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-rsa-conference-2026-ai-cybersecurity-soc-governance/
-
Obfuscated VBS and PNG Loaders Power New Open Directory Malware Campaign with RAT Payloads
A sophisticated, multi-stage delivery framework leverages obfuscated Visual Basic Script (VBS) files, fileless PowerShell loaders, and payloads hidden within PNG images. The activity was initially detected by LevelBlue’s Managed Detection and Response (MDR) SOC through a SentinelOne alert involving a suspicious VBS file. The file, identified as Name_File.vbs, was located in a public downloads directory…
-
The Best AI SOC Platforms 2026: Comprehensive Comparison Guide
Comprehensive guide to the best AI SOC platforms in 2026. Compare autonomous SOC solutions, pricing, integrations, and key differentiators. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-best-ai-soc-platforms-2026-comprehensive-comparison-guide/
-
Sumo Logic Expands Dojo AI With SOC Analyst Agent That Recommends Actions, Not Just Alerts
Sumo Logic is pushing its Dojo AI platform further into decision territory at RSAC 2026, announcing expanded AI agent capabilities that go beyond surfacing context to actually recommending what analysts should do next. The company’s new SOC Analyst Agent, now in preview, addresses a gap that has frustrated security teams for years: traditional SIEMs are…
-
AiStrike Launches Continuous Detection Engineering to Fix Alert Noise at the Source
Alert fatigue is a persistent problem in security operations, but AiStrike is framing it as a symptom of a deeper issue: poor detection quality. At RSAC 2026, the company announced Continuous Detection Engineering, a capability designed to shift SOC teams from reactive alert triage toward ongoing, intelligence-driven detection optimization. The company’s own analysis across enterprise…
-
Arctic Wolf Announces World's Largest Commercial Agentic Operations Center
Arctic Wolf, a global leader in security operations solutions, has announced both the opening of the Aurora Agentic SOC and the availability of the Aurora Superintelligence Platform. The new platform is intended to accelerate the adoption of AI in cybersecurity. The launch of the new Agentic SOC also contributes to this; it redefines the SOC operating model by placing AI, in agent-driven form, at the center…
-
Cisco Ships Zero Trust for AI Agents, Self-Service Red Teaming, and Agentic SOC Tools at RSAC 2026
Cisco announced a broad set of security products at RSAC 2026 Monday aimed at securing the growing use of AI agents in enterprise environments. The announcements span identity management, pre-deployment testing, open-source tooling, and SOC automation. The centerpiece is Zero Trust Access for AI agents, which extends Cisco’s existing access control model to cover agentic…
-
Arctic Wolf Launches Aurora Agentic SOC, Claims World’s Largest Commercial Agentic SOC
Arctic Wolf launched the Aurora Agentic SOC at RSAC 2026, billing it as the world’s largest commercial agentic Security Operations Center. The announcement represents a significant platform rebuild for the company, shifting from a human-led model to one that puts AI agents at the center of SOC operations while keeping human experts involved for oversight…
-
AI in the SOC: What Could Go Wrong?
Two cybersecurity leaders tested out AI in their respective SOCs for six months, and here’s what they learned. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-soc-go-wrong
-
SOC 2 penetration testing requirements
For organisations pursuing SOC 2, demonstrating effective security controls is central to the audit process. While the framework does not prescribe specific technologies or testing frequencies, it does require evidence that risks are identified, assessed, and mitigated through appropriate controls. This is where SOC 2 penetration testing becomes particularly relevant. For many SaaS providers and…
-
Amazon Lost 6.3 Million Orders to Vibe Coding. Your SOC Is Next.
Amazon mandated AI coding tools and suffered a 6-hour outage costing 6.3 million orders. The same AI quality crisis is now emerging in SOC operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/amazon-lost-6-3-million-orders-to-vibe-coding-your-soc-is-next/
-
How Dropzone AI Is Bringing A ‘Software-Only’ Approach To Agentic SOC: CEO
Dropzone AI is finding strong traction with MSSPs for its technology that brings a fully AI-powered approach to dealing with alert overload in the SOC (Security Operations Center), according to Dropzone Founder and CEO Edward Wu. First seen on crn.com Jump to article: www.crn.com/news/security/2026/how-dropzone-ai-is-bringing-a-software-only-approach-to-agentic-soc-ceo
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-management
My Anton’s Security Blog (And Podcast!) Quarterly: this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.…
-
SIEM Is Not Dead. It Just Stopped Moving Fast Enough.
I recently joined Tim Peacock and Anton Chuvakin on the Google Cloud Security Podcast to talk about SIEM, AI SOC, pricing, federated architecture, detection engineering, and why network telemetry is quietly becoming important again. The short version is simple: SIEM is not dead. Calling it obsolete makes for good marketing, but it is not a…
-
Tool Overload Overwhelms SOC Analysts: Time Factor Determines Damage Limitation in Cyberattacks
First seen on security-insider.de Jump to article: www.security-insider.de/siem-soar-mttd-mttr-reaktionszeit-cyberangriffe-a-7d51eb9bae2d7023401cc78811a73c1d/

