
How AI is changing Detection Engineering & SOC Operations?
02/07/25 • 57 min
AI is revolutionizing many things, but how does it impact detection engineering and SOC teams? In this episode, we sit down with Dylan Williams, a cybersecurity practitioner with nearly a decade of experience in blue team operations and detection engineering. We speak about how AI is reshaping threat detection and response, the future role of detection engineers in an AI-driven world, whether AI can reduce false positives and speed up investigations, the difference between automation and agentic AI in security, and practical AI tools you can use right now in detection & response.
Questions asked:
(00:00) Introduction
(02:01) A bit about Dylan Williams
(04:05) Keeping up with AI advancements
(06:24) Detection with and without AI
(08:11) Would AI reduce the number of false positives?
(10:28) Does AI help identify what is a signal?
(14:18) The maturity of the current detection landscape
(17:01) Agentic AI vs Automation in Detection Engineering
(19:35) How prompt engineering is evolving with newer models?
(25:52) How AI is impacting Detection Engineering today?
(36:23) LLM Models become the detector
(42:03) What will be the future of detection?
(47:58) What can detection engineers practically do with AI today?
(52:57) Favourite AI Tool and Final thoughts on Detection Engineering
Resources spoken about during the episode:
exa.ai - The search engine for AI
Building effective agents (Anthropic’s blog on different architecture and design patterns for agents) - https://www.anthropic.com/research/building-effective-agents
Introducing Ambient Agents (LangChain’s blog on Ambient Agents) - https://blog.langchain.dev/introducing-ambient-agents/
Jared Atkinson’s Blog on Capability Abstraction - https://posts.specterops.io/capability-abstraction-fbeaeeb26384
LangGraph Studio - https://studio.langchain.com/
n8n - https://n8n.io/
Flowise - https://flowiseai.com/
CrewAI - https://www.crewai.com/
Previous Episode

What does your AI cybersecurity plan look like for 2025?
Welcome to 2025! In this episode our hosts Ashish Rajan and Caleb Sima, tackle the pressing question: What should your AI cybersecurity game plan look like this year?
The rapid evolution of agentic AI—where AI agents can perform tasks autonomously—is set to transform businesses, but it comes with unprecedented security challenges. From the resurgence of Identity and Access Management (IAM) to the urgent need for least privilege strategies, this episode captures actionable insights for CISOs and security leaders.
- What is agentic AI and how it may impact businesses?
- Top 3 priorities for building an effective AI security plan.
- The critical role of IAM and least privilege in managing AI agents.
- Real-world examples of how agentic AI will impact operations and security.
- Practical advice on incident response, monitoring, and preparing for AI-driven challenges.
Questions asked:
(00:00) Introduction
(01:59) The current state of AI in Enterprise
(10:22) Different Levels of Agentic AI
(12:05) CISO AI Cybersecurity Game plan for 2025
(15:57) IAM’s fire comeback
(23:11) Top 3 things for AI Cybersecurity Plan
Next Episode

The Truth Behind AI Agents: Hype vs. Reality
AI is evolving fast, and AI agents are the latest buzzword. But what exactly are they? Are they truly intelligent, or just automation in disguise? In this episode, Caleb Sima and Ashish Rajan spoke to Daniel Miessler—a cybersecurity veteran who is now deep into AI security research.
🎙️ In this episode, we cover:
✅ What AI agents really are (and what they’re NOT)
✅ How AI is shifting from searching to making decisions
✅ The biggest myths and misconceptions about AI automation
✅ Why most companies calling their tools “AI agents” are misleading you
✅ How AI agents will impact cybersecurity, business, and the future of work
✅ The security risks and opportunities no one is talking about
Questions asked:
(00:00) Introduction
(03:50) What are AI Agents?
(06:53) Use case for AI Agents
(14:39) Can AI Agents be used for security today?
(22:06) AI Agent’s impact on Attackers and Defenders in Cybersecurity
(37:05) AI Agents and Non Human Identities
(45:22) The big picture with AI Agents
(48:28) Transparency and Ethics for AI Agents
(58:36) What's exciting about the future of AI Agents?
(01:08:00) Would there still be value for foundational knowledge