Detection at Scale | Jack Naglieri | Substack

How AI Agent Tools Work: A Practical Guide for SOC Analysts

How tool calling turns natural language questions into actionable security investigations.

Nov 10 •

34:28

D@S #68 - Building Production-Ready AI Agents in Security Operations

George Warbacher on navigating AI hype, building specialized agents from scratch, and why the SOAR market is facing disruption

Oct 30 •

From SIEM to AI SOC: The Agent-Driven Future

How AI agents will transform security operations from alert-driven chaos to intelligent, autonomous analysis that finally scales to fit our needs.

Sep 29 •

37:48

D@S #67: The Crawl, Walk, Run of Agentic Security Operations with Stephen Gubenia

Steven Gubenia (from Cisco Meraki) shares his framework and lessons learned for implementing AI agents in security operations.

Sep 24 •

The Data Your AI-Powered SOC Needs

Context Engineering for Automated Security Triage

Sep 22 •

Most Popular

MCP: Building Your SecOps AI Ecosystem

Apr 2 • Jack Naglieri

The Agentic SIEM

Jan 21 • Jack Naglieri

The Transition from Monolithic SIEMs to Data Lakes for Security Monitoring

Oct 23, 2023 • Jack Naglieri

The Anatomy of a High Quality SIEM Rule

Aug 26, 2024 • Jack Naglieri

Recent posts

D@S #66: Databricks' Dave Herrald on Building SOCs with AI Agents & Data Lakes

Dave Herrald, Global Head of Cybersecurity GTM at Databricks, discusses modern data lake architectures and strategic AI implementation.

Sep 9 •

39:43

D@S #65: Empowering SOC Analysts with AI and Automation

Matt Muller (Field CISO @ Tines) on Redefining the Analyst Role, Leveraging Context, and Integrating AI with Confidence

Aug 26 •

30:48

Architecting Your Detection Strategy for Speed and Context

A practical guide to building security monitoring that balances speed with context while optimizing costs and reducing false positives.

Aug 18 •

D@S Podcast S3 Ep#63 - Why Your SOC Isn't Ready for AI (And How to Fix It)

Illumio's Erik Bloch argues that chasing shiny AI tools without solid fundamentals is like building a house on sand—and he's got the data to prove it.

Jul 22 •

47:49

D@S Podcast #62 - Training Analysts When AI Does the Investigating

SANS Institute's John Hubbard predicts the future SOC analyst won't investigate alerts, but will instead manage the AI agent army that does.

Jul 15 •

30:04

Detection at Scale

Detection at Scale

A weekly newsletter for security practitioners building AI-powered SOCs. Get actionable strategies on detection-as-code, autonomous triage, and threat response at scale—no hype, just what actually works.

Recommendations

Cyberwox Unplugged

Cyberwox Unplugged

Day Johnson

Detection Engineering Weekly

Detection Engineering Weekly

Zack Allen

Venture in Security

Venture in Security

Ross Haleliuk

Software Analyst Cyber Research

Software Analyst Cyber Research

Francis Odum

Resilient Cyber

Resilient Cyber

Chris Hughes

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts