Both junior and senior security analysts encounter frustrating challenges with threat hunting, making it hard to really make it an integral part of daily SOC operations. How can we make things easier and less ad hoc for them? We sit down with Albert Caballero and Adriana Corona from SentinelOne to discuss this in depth.
At its recent OneConnect event in the Benelux, representatives from #SentinelOne gave keynotes on different topics that relate to each other in different ways. On the one hand there was a keynote from Albert Caballero, Field CISO at SentinelOne, about #threathunting. On the other, there was a keynote about (among other things) Purple AI, by Adriana Corona, Director of Products for AI at the same company. As it turns out, AI can and will have fundamental implications for threat hunting, and for #cybersecurity as a whole.
Besides the somewhat conceptual impact of AI on threat hunting, Adriana and Albert delve into the emerging use of Retrieval Augmented Generation (RAG). It's not only AI that helps humans, but also the other way around. Expert-created threat intelligence enhances AI effectiveness and accuracy.
Another big topic in the conversation is the pivotal importance of #transparency and #trust in #AI systems. We contrast the contextual precision of specialized AI with more generic platforms. Transparency of how AI works is absolutely vital for cybersecurity purposes. That's the only way to reach reliable decision-making in cybersecurity. There are challenges too, for sure, so we also talk about how to tackle those.
All in all this is another must-listen for people and organizations looking to optimize their #security posture and stack, by using AI or in other ways. And let's be honest, who isn't in 2024.