The Evolution of AI in Cyber Security // Jeff Schwartzentruber // #344

36 snips

Nov 4, 2025

Jeff Schwartzentruber, a Senior Machine Learning Scientist at eSentire, dives into the evolving landscape of AI in cybersecurity. He reveals the shift from signature-based detection to dynamic anomaly detection, tackling issues like alert fatigue in Security Operations Centers. The conversation explores the risks associated with AI agents, including prompt injections and the need for visibility. Jeff highlights how defenders and attackers use Generative AI, emphasizing the importance of maintaining organizational truth amid rising deception risks.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

From Signatures To Dynamic Detection

Signature-based detection works but breaks when malware mutates its hash or exact indicators.
Thresholding and dynamic anomaly detection began filling the gap by profiling users and activity patterns.

INSIGHT

Anomaly Detection's Scaling Problem

Profiling and anomaly detection scale detection by baselining individual behavior instead of static rules.
High cardinality and false positives remain major operational challenges for anomaly systems.

INSIGHT

GenAI Turns Logs Into An NLP Problem

GenAI complicates detection because telemetry is unstructured and normalization varies across vendors.
Security becomes an NLP-like engineering problem when parsing diverse logs and extracting context.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Dr. Jeff Schwartzentruber is a Senior Machine Learning Scientist at eSentire, working on anomaly detection pipelines and the use of large language models to enhance cybersecurity operations.The Evolution of AI in Cyber Security // MLOps Podcast #344 with Jeff Schwartzentruber, Staff Machine Learning Scientist at eSentire.

Join the Community:

https://go.mlops.community/YTJoinIn

Get the newsletter: https://go.mlops.community/YTNewsletter

// Abstract

Modern cyber operations can feel opaque. This talk explains—step by step—what a security operations center (SOC) actually does, how telemetry flows in from networks, endpoints, and cloud apps, and what an investigation can credibly reveal about attacker behavior, exposure, and control gaps. We then trace how AI has shown up in the SOC: from rules and classic machine learning for detection to natural-language tools that summarize alerts and turn questions like “show failed logins from new countries in the last 24 hours” into fast database queries. The core of the talk is our next step: agentic investigations. These GenAI agents plan their work, run queries across tools, cite evidence, and draft analyst-grade findings—with guardrails and a human in the loop. We close with what’s next: risk-aware auto-remediation, verifiable knowledge sources, and a practical checklist for adopting these capabilities safely.

// Bio

Dr. Jeff Schwartzentruber holds the position of Sr. Machine Learning Scientist at eSentire – a Canadian cybersecurity company specializing in Managed Detection and Response (MDR). Dr. Schwartzentruber’s primary academic and industry research has been concentrated on solving problems at the intersection of cybersecurity and machine learning (ML). Over his +10-year career, Dr. Schwartzentruber has been involved in applying ML for threat detection and security analytics for several large Canadian financial institutions, public sector organizations (federal), and SME’s. In addition to his private sector work, Dr. Schwartzentruber is also an Adjunct Faculty at Dalhousie University in the Department of Computer Science, a Special Graduate Faculty member with the School of Computer Science at the University of Guelph, and a Sr. Advisor on AI at the Rogers Cyber Secure Catalysts.

// Related Links

Website: https://www.esentire.com/

~~~~~~~~ ✌️Connect With Us ✌️ ~~~~~~~

Catch all episodes, blogs, newsletters, and more: https://go.mlops.community/TYExplore

Join our Slack community [https://go.mlops.community/slack]

Follow us on X/Twitter [@mlopscommunity](https://x.com/mlopscommunity) or [LinkedIn](https://go.mlops.community/linkedin)]

MLOps Swag/Merch: [https://shop.mlops.community/]

Connect with Demetrios on LinkedIn: /dpbrinkm

Connect with Jeff on LinkedIn: /jeff-schwartzentruber/