Building the SOC That Thinks Beyond Alerts ft. Rob van Os @SOC-CMM
カートのアイテムが多すぎます
カートに追加できませんでした。
ウィッシュリストに追加できませんでした。
ほしい物リストの削除に失敗しました。
ポッドキャストのフォローに失敗しました
ポッドキャストのフォロー解除に失敗しました
-
ナレーター:
-
著者:
Most SOCs today are still built around the same assumption: wait for an alert, investigate it, move to the next one.
But what happens when AI becomes capable of doing much more than alert triage?
In this episode, Ahmed Achchak (CEO & Co-founder of Qevlar AI) sits down with Rob van Os, Strategic SOC Advisor at SOC-CMM, to discuss what comes after the alert-centric SOC and why the future of security operations may be driven by continuous situational awareness rather than reactive investigations.
You'll discover:
→ The three stages of SOC evolution: human-led, AI-augmented, and AI-driven.
→ Why simply adding AI to existing workflows won't unlock its full potential.
→ How exposure management, telemetry, and threat intelligence can be combined to create true situational awareness.
→ Why the role of analysts will shift from investigation to governance and oversight.
→ The biggest obstacles preventing organizations from building AI-driven SOCs today.
→ Why trust, context, and human validation remain essential even as AI capabilities improve.
Agenda:
01:30 – The three stages of SOC evolution
04:10 – Why the alert queue is becoming the SOC's biggest bottleneck
05:15 – Moving from reactive investigations to continuous monitoring
07:35 – Situational awareness: combining threats, exposure, and telemetry
10:35 – Can AI help build self-healing security operations?
13:00 – What trust looks like in an AI-driven SOC
18:00 – The data and context problem
29:00 – Fire Round: AI, SOC maturity, and future attacker tactics
Follow Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109
Follow Rob van Os on LinkedIn: https://www.linkedin.com/in/socadvisor/
Read Rob’s article on AI-driven SOC: https://www.linkedin.com/pulse/ai-driven-soc-revisited-moving-beyond-alert-centric-security-van-os-jyjqe/