
Resilient Cyber w/ Kamal Shah - The State of AI in SecOps

In this episode of Resilient Cyber, I sit down with Kamal Shah, Cofounder and CEO at Prophet Security, to discuss the State of AI in SecOps.

There continues to be a tremendous amount of excitement and investment in the industry around AI and cybersecurity, with Security Operations (SecOps) arguably seeing the most investment among the various cybersecurity categories.

Kamal and I will walk through the actual state of AI in SecOps, how AI is impacting the future of the SOC, what hype vs. reality is, and much more.


Prefer to listen?

Spotify

Apple Podcasts

Please be sure to leave a rating and review; it helps a ton.




Kamal is a 4x Founder, with multiple successful exits, but saw a massive opportunity with the rise of AI to address systemic challenges in SecOps. We covered a lot of great discussion points, including:

  • Kamal’s background and what he learned through successful startups and exits before co-founding Prophet Security

  • Why SecOps, in particular, among the various categories of cybersecurity, has so much excitement when it comes to AI compared to other categories, such as AppSec and GRC.

  • Prophet Security’s “State of AI in SecOps” report and the key findings.

  • How the average organization sees ~960 alerts daily, and how teams are drowning in noise and need to understand what truly matters.

  • The bleak reality that 40% of alerts are never investigated due to limited bandwidth and capacity among teams, leading to 60% of teams admitting that ignored alerts have led to incidents, even involving customer data, and how AI can address this challenge.

  • The finding that 57% of companies suppress detection rules (e.g., product alerts, notifications, and features) due to being overwhelmed, and how this both presents cyber risks and diminishes the ROI of their security products due to lack of use.

  • How AI can allow us to open the aperture and not only stop suppressing detection rules but also expand our coverage even further.

  • The impedance mismatch between attackers and defenders: defenders take ~70 minutes to investigate alerts, while attackers move in minutes, are being driven by AI, and are exploiting vulnerabilities minutes after their release. Also, how and why defenders should equally be looking to use AI to mitigate cyber risks through more effective SecOps.

  • How we won’t be able to “hire” our way out of the cyber challenges we face and how AI can be a force multiplier, helping teams be more effective without expanding headcount or demanding a never-ending budget.

  • The economics of AI in SecOps when it comes to costs of investigations, alert triage, and activities that demand compute usage.

  • Real-world examples of customers and PoVs Prophet is conducting and how those insights and experiences funnel back into Prophet's product, GTM, and strategy as they learn from interactions and customer needs.

  • What CISOs should look for when it comes to considering an AI SOC solution, moving beyond slide decks and demos to real-world bake-offs and PoVs.

  • I asked Kamal what makes Prophet stand out in a crowded market with many aspirational founders looking to build AI SecOps solutions, and Kamal was able to weigh in with his perspective after multiple successful exits, helping differentiate their approach and long-term strategy.
