logo
episode-header-image
Aug 8
52m 39s

AI for SOC Automation: A Blueprint for t...

Cloud Security Podcast Team
About this episode

The nature of Security Operations is changing. As cloud environments grow in complexity and data volumes explode, traditional approaches to detection and response are proving insufficient. This episode features an in-depth conversation with Kyle Polley, who leads the AI security team at Perplexity, about a modern blueprint for the Security Operations Center (SOC).

The discussion centers on a necessary architectural shift away from traditional SIEMs, which were not built for today's scale, toward a "data lake infrastructure built for detection and response". Kyle explains how this model provides the scalability needed to handle modern data loads and enables a more effective incident response process.

A cornerstone of this new model is the use of centralized AI agents. The conversation explores how these agents can be tasked with performing in-depth alert investigations, helping to reduce analyst burnout and allowing security teams to focus on more proactive, high-impact work. This approach moves beyond simple automation to create a system where AI augments and enhances the capabilities of the human team.


Guest Socials -⁠⁠ ⁠⁠⁠⁠Kyle's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction to Kyle Polley & The Future of SOCs(01:03) The Core Argument: Why You Must Build Your SOC Before Compliance(03:34) Beyond the Certificate: The Difference Between Being Compliant vs. Secure(04:20) Today's #1 AI Threat: The Challenge of Prompt Injection(06:00) The Architectural Flaw: Handling Untrusted Data in AI Systems(08:20) The "Security Data Lake": Moving Beyond the Traditional SIEM(15:00) The Future is Now: A Centralized AI Agent for Automated Investigations(20:06) Will AI Take My Job? How AI Elevates, Not Replaces, the Security Analyst(25:20) Redefining "Shifting Left" with Personal AI Security Agents(31:00) Can AI Reason? How Modern AI Agents Intelligently Query Logs(37:05) Rethinking Incident Response Playbooks in the Age of AI(41:00) The MVP SOC: A Practical Roadmap for Small & Medium Companies(46:08) Final Questions: Maintaining Optimism, Woodworking, and Tex-Mex(50:08) Where to Connect with Kyle Polley


Resources spoken about during the episode:

Easy Agents: an open-source framework

How to give every department their own AI Agent

Up next
Aug 22
New Identity Blueprint for a Future with Cloud & AI
Identity is the root cause of over 70% of all security incidents, yet many organizations still rely on fundamentally flawed authentication methods. In this episode, Jasson Casey, CEO and co-founder of Beyond Identity, explains why even common forms of MFA are insufficient and why ... Show More
49m 44s
Aug 7
The Truth About Agentic AI in the SOC: Reality vs. Hype
What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real-world applications and limitations.Ashish Rajan is joined by Edward Wu, CEO of ... Show More
52m 39s
Jul 22
Understanding a $10B Fraud Vector in Cloud-Native Workflows
A $10 billion fraud vector is currently exploiting a common feature in many cloud-native applications: the SMS verification flow. This isn't a traditional breach. Instead of stealing data, adversaries use bots to trigger costs that are quietly absorbed into your company's operati ... Show More
44m 42s
Recommended Episodes
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Nov 2024
Bridging AI and Cybersecurity Gaps with Mileva Security Labs’ Harriet Farlow
Join us in this episode of Threat Vector as guest host Michael Heller shares his conversation with Harriet Farlow, CEO of Mileva Security Labs and a pioneer in AI security research. With a background spanning AI and national cybersecurity, Harriet shares her journey into adversar ... Show More
27m 17s
May 24
From English Literature to Cybersecurity: A Journey Through Blockchain and Security
LINKS: https://distrust.co/software.html - Software page with OSS software Linux distro: https://codeberg.org/stagex/stagex Milksad vulnerability: https://milksad.info/ In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with A ... Show More
54m 36s
Sep 2024
Cyber Security Trends and Tips
Join us on the latest episode of Aviation Tech Talks with host, Jim Boccarossa, as we soar into the world of aviation technology! In this episode, we dive deep into the crucial topic of cybersecurity with expert guest, Sagar Pandya, co-founder of Middle Ground Technologies. Disco ... Show More
31m 27s
Sep 2024
CISO vs. Security Engineer
In this episode of Life of a CISO, Dr. Eric Cole dives into the significant differences between security engineers and chief information security officers, a distinction many fail to recognize. He explains that merging these two roles into the same career track is one of the core ... Show More
31m 46s
May 17
The Monthly Cybersecurity Review: Data Breaches, Ransomware, and Critical Infrastructure
In this episode of 'Cybersecurity Today', host Jim Love is joined by panelists Laura Payne from White Tuque and David Shipley from Beauceron Security to review significant cybersecurity events over the past month. The discussion covers various impactful stories such as the disapp ... Show More
56m 44s
Aug 2024
Cyber Security vs Frameworks
In the latest episode of Life of a CISO, Dr. Eric Cole dives deep into the critical difference between compliance and true cybersecurity. He emphasizes that while frameworks and compliance standards are essential, they often focus on checking boxes rather than addressing the holi ... Show More
30m 17s
Aug 2024
Securing SMBs Serving Defense Industrial Base and U.S. Critical Infrastructure
In this episode, Chris Petersen, Co-Founder and CEO of RADICL, and I discuss the challenges of securing the small and medium-sized businesses (SMBs) that serve the United States defense industrial base (DIB) and critical infrastructure. These SMBs play a significant role in suppo ... Show More
40m 59s
Jun 2024
Accor CTO's Hotel Tech Masterclass: Cyber Security, Sustainability and More
In this episode of Hotel Tech Insider, we dive deep into the future of hotels and the technology driving them forward. Our guest, Floor Bleeker, the CTO of Accor, one of the largest hotel companies globally, shares insights into how technology is revolutionizing every aspect of A ... Show More
32m 52s
Listen to millions of songs and podcasts on Anghami