Detection at Scale | Jack Naglieri | Substack

38:10

D@S #70 - GreenSky's Ken Bowles on Protecting Crown Jewels First and AI's Real Role in the SOC

Ken Bowles on navigating AI hype in the SOC, prioritizing crown jewels over comprehensive coverage, and why human judgment remains irreplaceable

Nov 26 •

42:50

D@S #69 - FanDuel's All-Engineer SOC: From Phishing to IR with Custom Agents

Tyler Martin on eliminating tier 1-3 analyst work, automating incident response from Slack, and why security teams need to think about "context rot".

Nov 18 •

Building Custom AI SOC Agents with MCP

How security teams are orchestrating vendor capabilities with internal tooling through conversational bots, workflow automation, and enhanced developer…

Nov 17 •

How AI Agent Tools Work: A Practical Guide for SOC Analysts

How tool calling turns natural language questions into actionable security investigations.

Nov 10 •

34:28

D@S #68 - Building Production-Ready AI Agents in Security Operations

George Warbacher on navigating AI hype, building specialized agents from scratch, and why the SOAR market is facing disruption

Oct 30 •

Most Popular

MCP: Building Your SecOps AI Ecosystem

Apr 2 • Jack Naglieri

The Agentic SIEM

Jan 21 • Jack Naglieri

The Transition from Monolithic SIEMs to Data Lakes for Security Monitoring

Oct 23, 2023 • Jack Naglieri

The Anatomy of a High Quality SIEM Rule

Aug 26, 2024 • Jack Naglieri

Recent posts

From SIEM to AI SOC: The Agent-Driven Future

How AI agents will transform security operations from alert-driven chaos to intelligent, autonomous analysis that finally scales to fit our needs.

Sep 29 •

D@S #67: The Crawl, Walk, Run of Agentic Security Operations with Stephen Gubenia

Steven Gubenia (from Cisco Meraki) shares his framework and lessons learned for implementing AI agents in security operations.

Sep 24 •

37:48

The Data Your AI-Powered SOC Needs

Context Engineering for Automated Security Triage

Sep 22 •

D@S #66: Databricks' Dave Herrald on Building SOCs with AI Agents & Data Lakes

Dave Herrald, Global Head of Cybersecurity GTM at Databricks, discusses modern data lake architectures and strategic AI implementation.

Sep 9 •

39:43

D@S #65: Empowering SOC Analysts with AI and Automation

Matt Muller (Field CISO @ Tines) on Redefining the Analyst Role, Leveraging Context, and Integrating AI with Confidence

Aug 26 •

30:48

Detection at Scale

Detection at Scale

A weekly newsletter for security practitioners building AI-powered SOCs. Get actionable strategies on detection-as-code, autonomous triage, and threat response at scale—no hype, just what actually works.

Recommendations

Detection Engineering Weekly

Detection Engineering Weekly

Zack Allen

Software Analyst Cyber Research

Software Analyst Cyber Research

Francis Odum

Venture in Security

Venture in Security

Ross Haleliuk

Cyberwox Unplugged

Cyberwox Unplugged

Day Johnson

Resilient Cyber

Resilient Cyber

Chris Hughes

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts