Mor Levi, VP of Detection, Analysis, & Response at Salesforce, shares her expertise on integrating AI in security operations. She reveals how Agent Force achieved 90% automation in triage while maintaining effectiveness. Topics include securing AI implementations, the evolving roles of security analysts, and the importance of data quality. Mor discusses the balance between AI efficiency and human creativity, emphasizing the need for strategic thinking in an increasingly automated landscape. Real-world examples provide insights into both the challenges and successes of AI in enterprise security.
31:02
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
question_answer ANECDOTE
Mor Levi's Career Journey
Mor Levi, VP of Detection and Response at Salesforce, shared her career journey.
Starting in the Israeli military, she transitioned through startups and various roles to her current position.
insights INSIGHT
LLM Threat Modeling
Threat modeling for LLMs requires understanding the specific application and business logic.
Focus on potential abuse scenarios like data exfiltration, malicious execution, and hallucinations.
insights INSIGHT
Defining AI Agents
AI agents are application layers on top of LLMs, specializing in specific data sets.
They leverage the LLM's capabilities but operate within a defined context.
Get the Snipd Podcast app to discover more snips from this episode
What does AI in security operations actually look like at scale? In this episode of Detection at Scale, Mor Levi, VP of Detection, Analysis, & Response at Salesforce, shares her team's hands-on experience with Agent Force — from achieving 90% automation in initial case triage to setting ambitious goals for full automation.
Her conversation with Jack goes deep into the practical realities: integrating AI with existing tools, evolving analyst roles, and why human creativity matters more than ever. Through candid discussion and real-world examples, Mor shares both the successes and challenges of bringing AI into enterprise security, offering valuable lessons for teams at any stage of their AI journey.
Topics discussed:
Implementing generative AI agents for security operations, achieving 90% automation in initial triage while maintaining effectiveness and reliability.
Securing LLM implementations through comprehensive threat modeling, focusing on data access controls and potential abuse scenarios.
Integrating AI agents with existing SOAR platforms to create powerful automation workflows while maintaining operational control.
Evolution of security analyst roles as AI handles routine tasks, emphasizing strategic thinking and hypothesis development.
Importance of data quality and systematic implementation in training effective security-focused AI agents.
Strategies for maintaining consistency and reliability in AI-driven security operations through proper prompt engineering.
Building effective guardrails and controls for AI systems while enabling powerful automation capabilities.
Balancing automation with human oversight to ensure security effectiveness and maintain operational integrity.
Future trends in AI-driven security operations and the increasing importance of creative problem-solving skills.
Practical advice for implementing AI in security operations, emphasizing focused use cases and clear success criteria.
Detection at Scale