How AI is changing Detection Engineering & SOC Operations?
AI is revolutionizing many things, but how does it impact detection engineering and SOC teams? In this episode, we sit down withDylan Williams, a cybersecurity practitioner with nearly a decade of experience in blue team operations and detection engineering. We speak about how AI is reshaping threat detection and response, the future role of detection engineers in an AI-driven world, can AI reduce false positives and speed up investigations, the difference between automation vs. agentic AI in security and practical AI tools you can use right now in detection & responseQuestions asked:(00:00) Introduction(02:01) A bit about Dylan Williams(04:05) Keeping with up AI advancements(06:24) Detection with and without AI(08:11) Would AI reduce the number of false positives?(10:28) Does AI help identity what is a signal?(14:18) The maturity of the current detection landscape(17:01) Agentic AI vs Automation in Detection Engineering(19:35) How prompt engineering is evolving with newer models?(25:52) How AI is imapcting Detection Engineering today?(36:23) LLM Models become the detector(42:03) What will be the future of detection?(47:58) What can detection engineers practically do with AI today?(52:57) Favourite AI Tool and Final thoughts on Detection EngineeringResources spoken about during the episode:exa.ai - The search engine for AIBuilding effective agents (Athropic’s blog different architecture and design patterns for agents)-https://www.anthropic.com/research/building-effective-agents -Introducing Ambient Agents (LangChain’s blog on Ambient Agents) -https://blog.langchain.dev/introducing-ambient-agents/ -Jared Atkinson’s Blog on Capability Abstraction -https://posts.specterops.io/capability-abstraction-fbeaeeb26384LangGraph Studio -https://studio.langchain.com/n8n -https://n8n.io/Flowise -https://flowiseai.com/CrewAI -https://www.crewai.com/
--------
57:43
What does your AI cybersecurity plan look like for 2025?
Welcome to 2025! In this episode our hosts Ashish Rajan and Caleb Sima, tackle the pressing question: What should your AI cybersecurity game plan look like this year?
The rapid evolution of agentic AI—where AI agents can perform tasks autonomously—is set to transform businesses, but it comes with unprecedented security challenges. From the resurgence of Identity and Access Management (IAM) to the urgent need for least privilege strategies, this episode captures actionable insights for CISOs and security leaders.
What is agentic AI and how it may impact businesses?
Top 3 priorities for building an effective AI security plan.
The critical role of IAM and least privilege in managing AI agents.
Real-world examples of how agentic AI will impact operations and security.
Practical advice on incident response, monitoring, and preparing for AI-driven challenges.
Questions asked:
(00:00) Introduction
(01:59) The current state of AI in Enterprise
(10:22) Different Levels of Agentic AI
(12:05) CISO AI Cybersecurity Game plan for 2025
(15:57) IAM’s fire comeback
(23:11) Top 3 things for AI Cybersecurity Plan
--------
38:25
AI Cybersecurity Predictions 2025: Revolution or Reality?
In this episode, to kick of 2025, we dive deep into AI and cybersecurity predictions for 2025 exploring the opportunities, challenges, and trends shaping the future of the industry.
Our hosts, Ashish Rajan and Caleb Sima sat down to discuss the evolution of SOC automation and its real-world impact on cybersecurity, the practical use cases for AI-enhanced security tools in organizations, why data security might be the real winner in 2025, the potential of agentic AI and its role in transforming security operations and predictions for AI-powered startups and their production-ready innovations in 2025.
Questions asked:
(00:00) Introduction
(06:32) Current AI Innovation in Cybersecurity
(21:57) AI Security Predictions for 2025
(25:02) Data Security and AI in 2025
(30:56) The rise of Agentic AI
(35:40) Planning for AI Skills in the team
(42:53) What to ditch from 2024?
(48:00) AI Making Security Predictions for 2025
--------
56:53
AI Red Teaming in 2024 and Beyond
Host Caleb Sima and Ashish Rajan caught up with experts Daniel Miessler (Unsupervised Learning), Joseph Thacker (Principal AI Engineer, AppOmni) to talk about the true vulnerabilities of AI applications, how prompt injection is evolving, new attack vectors through images, audio, and video and predictions for AI-powered hacking and its implications for enterprise security.
Whether you're a red teamer, a blue teamer, or simply curious about AI's impact on cybersecurity, this episode is packed with expert insights, practical advice, and future forecasts. Don’t miss out on understanding how attackers leverage AI to exploit vulnerabilities—and how defenders can stay ahead.
Questions asked:
(00:00) Introduction
(02:11) A bit about Daniel Miessler
(02:22) A bit about Rez0
(03:02) Intersection of Red Team and AI
(07:06) Is red teaming AI different?
(09:42) Humans or AI: Better at Prompt Injection?
(13:32) What is a security vulnerability for a LLM?
(14:55) Jailbreaking vs Prompt Injecting LLMs
(24:17) Whats new for Red Teaming with AI?
(25:58) Prompt injection in Multimodal Models
(27:50) How Vulnerable are AI Models?
(29:07) Is Prompt Injection the only real threat?
(31:01) Predictions on how prompt injection will be stored or used
(32:45) What’s changed in the Bug Bounty Toolkit?
(35:35) How would internal red teams change?
(36:53) What can enterprises do to protect themselves?
(41:43) Where to start in this space?
(47:53) What are our guests most excited about in AI?
Resources
Daniel's Webpage - Unsupervised Learning
Joseph's Website
--------
51:24
The Current State of AI and the Future for CyberSecurity in 2024
In this jam-packed episode, with our panel we explored the current state and future of AI in the cybersecurity landscape. Hosts Caleb Sima and Ashish Rajan were joined by industry leaders Jason Clinton (CISO, Anthropic), Kristy Hornland (Cybersecurity Director, KPMG) and Vijay Bolina (CISO, Google DeepMind) to dive into the critical questions surrounding AI security.
We’re at an inflection point where AI isn’t just augmenting cybersecurity—it’s fundamentally changing the game. From large language models to the use of AI in automating code writing and SOC operations, this episode examines the most significant challenges and opportunities in AI-driven cybersecurity. The experts discuss everything from the risks of AI writing insecure code to the future of multimodal models communicating with each other, raising important questions about trust, safety, and risk management.
For anyone building a cybersecurity program in 2024 and beyond, you will find this conversation valuable as our panelist offer key insights into setting up resilient AI strategies, managing third-party risks, and navigating the complexities of deploying AI securely. Whether you're looking to stay ahead of AI's integration into everyday enterprise operations or explore advanced models, this episode provides the expert guidance you need
Questions asked:
(00:00) Introduction
(02:28) A bit about Kristy Hornland
(02:50) A bit about Jason Clinton
(03:08) A bit about Vijay Bolina
(04:04) What are frontier/foundational models?
(06:13) Open vs Closed Model
(08:02) Securing Multimodal models and inputs
(12:03) Business use cases for AI use
(13:34) Blindspots with AI Security
(27:19) What is RPA?
(27:47) AI’s talking to other AI’s
(32:31) Third Party Risk with AI
(38:42) Enterprise view of risk with AI
(40:30) CISOs want Visibility of AI Usage
(45:58) Third Party Risk Management for AI
(52:58) Starting point for AI in cybersecurity program
(01:02:00) What the panelists have found amazing about AI
Australia