AI CyberSecurity Podcast

How AI is changing Detection Engineering & SOC Operations?

Feb 7, 2025

In this engaging discussion, Dylan Williams, a seasoned cybersecurity practitioner with nearly ten years in detection engineering, shares his insights on AI's transformative effects on detection processes. He explores how AI is reshaping threat detection and reducing false positives while enhancing investigation speed. Dylan also delineates the difference between automation and agentic AI, emphasizes the importance of accurate signal identification, and introduces practical AI tools that detection engineers can utilize right now. Tune in for a glimpse into the future of detection engineering!

57:43

Creator website

Episode guests

Dylan Williams

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

AI is transforming detection engineering by enabling engineers to focus on strategic roles while automating routine tasks.

The integration of AI in cybersecurity operations significantly reduces false positives and enhances the efficiency of threat detection.

Future advancements in AI will require detection engineers to adapt by learning to utilize AI tools effectively for improved threat responses.

Deep dives

The Evolving Role of Detection Engineers

Detection engineers are anticipated to shift from manual tasks to more strategic roles as AI tools become integral in cybersecurity. In the near future, these professionals will likely function as strategic leaders in detection and response (DNR), delegating routine detection tasks to AI systems. The expectation is that AI will enhance and expedite detection processes, allowing engineers to focus on higher-level strategy and threat analysis. As a result, the interaction between human experts and AI will redefine how security operations teams manage threats and vulnerabilities.

Intro

4min

The Evolution of Detection Engineering in an AI World

6min

Navigating False Positives and Signal Validation in Detection Engineering

4min

AI in Detection Engineering: Challenges and Future Prospects

22min

AI and Security Operations: Enhancing Detection Engineering

17min

Exploring User-Friendly AI Tools for Detection Engineering

2min

Navigating AI Models and the Future of Detection Engineering

4min

AI is revolutionizing many things, but how does it impact detection engineering and SOC teams? In this episode, we sit down withDylan Williams, a cybersecurity practitioner with nearly a decade of experience in blue team operations and detection engineering. We speak about how AI is reshaping threat detection and response, the future role of detection engineers in an AI-driven world, can AI reduce false positives and speed up investigations, the difference between automation vs. agentic AI in security and practical AI tools you can use right now in detection & response

Questions asked:

(00:00) Introduction

(02:01) A bit about Dylan Williams

(04:05) Keeping with up AI advancements

(06:24) Detection with and without AI

(08:11) Would AI reduce the number of false positives?

(10:28) Does AI help identity what is a signal?

(14:18) The maturity of the current detection landscape

(17:01) Agentic AI vs Automation in Detection Engineering

(19:35) How prompt engineering is evolving with newer models?

(25:52) How AI is imapcting Detection Engineering today?

(36:23) LLM Models become the detector

(42:03) What will be the future of detection?

(47:58) What can detection engineers practically do with AI today?

(52:57) Favourite AI Tool and Final thoughts on Detection Engineering

Resources spoken about during the episode:

exa.ai - The search engine for AI

Building effective agents (Athropic’s blog different architecture and design patterns for agents)-https://www.anthropic.com/research/building-effective-agents -

Introducing Ambient Agents (LangChain’s blog on Ambient Agents) -https://blog.langchain.dev/introducing-ambient-agents/ -

Jared Atkinson’s Blog on Capability Abstraction -https://posts.specterops.io/capability-abstraction-fbeaeeb26384

LangGraph Studio -https://studio.langchain.com/

n8n -https://n8n.io/

Flowise -https://flowiseai.com/

CrewAI -https://www.crewai.com/