Resilient Cyber

Resilient Cyber w/ Filip Stojkovski & Dylan Williams - Agentic AI & SecOps

Dec 11, 2024

Dylan Williams, a cybersecurity expert focused on security operations and large language models, and Filip Stojkovski, a seasoned professional in SecOps and threat intelligence, discuss the cutting-edge integration of Agentic AI in cybersecurity. They break down the concept of AI agents and multi-agent architectures, highlighting their potential to streamline operations. The conversation also touches on challenges like identity management and the necessity of human oversight, alongside practical tips for integrating AI into existing security frameworks.

22:45

Episode guests

Filip Stojkovski

Dylan Williams

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

AI agents significantly enhance security operations by automating repetitive tasks, alleviating alert fatigue, and improving incident response efficiency.

Implementing AI agents in cybersecurity requires careful attention to privilege management and human oversight to mitigate potential misuse risks.

Deep dives

The Evolution of AI Agents in Cybersecurity

AI agents represent a significant shift in cybersecurity practices, particularly in security operations. These agents leverage large language models (LLMs) to automate tasks that usually require human involvement, allowing for more efficient cyber incident detection and response. Unlike traditional models that require continuous human input, AI agents can perform iterative processes autonomously, reducing the manual burden on security analysts. This shift towards autonomy aims to alleviate issues like alert fatigue, where analysts become overwhelmed by constant notifications, thereby enhancing operational efficiency.

Intro

2min

Navigating AI in Cybersecurity

9min

Exploring Multi-Agent Architectures in AI Security

2min

Navigating the Risks of Autonomous Agents in Cybersecurity

3min

AI in Cybersecurity: Challenges and Opportunities

8min

In this episode, we will be sitting down with Filip Stojkovski and Dylan Williams to dive into AI, Agentic AI, and the intersection with cybersecurity, specifically Security Operations (SecOps).

I’ve been following Filip and Dylan for a bit via LinkedIn and really impressed with their perspective on AI and its intersection with Cyber, especially SecOps. We dove into that in this episode including:

What exactly Agentic AI and AI Agents are, and how they work
What a Blueprint for AI Agents in Cybersecurity may look like, using their example in their blog with the same title
The role of multi-agentic architectures, potential patterns, and examples such as Triage Agents, Threat Hunting Agents, and Response Agents and how they may work in unison
The potential threats to AI Agents and Agentic AI architectures, including longstanding challenges such as Identity and Access Management (IAM), Least-Permissive Access Control, Exploitation, and Lateral Movement
The current state of adoption across enterprises and the startup landscape and key considerations for CISO’s and security leaders looking to potentially leverage Agentic SecOps products and offerings

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Resilient Cyber

Resilient Cyber w/ Filip Stojkovski & Dylan Williams - Agentic AI & SecOps

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Evolution of AI Agents in Cybersecurity

Focus on Security Operations: The Rationale

Navigating Risks and Implementation Challenges

Remember Everything You Learn from Podcasts