2025 Wrapped: Essential Reading on AI in Security Operations
The posts that shaped the conversation on AI-first security operations, from vendor landscapes to implementation risks
Welcome to Detection at Scale, a weekly newsletter on AI-first security operations, detection engineering, and the infrastructure that makes modern SOCs work.
2025 was the year AI in security operations moved from ambitious predictions to production reality. The conversation shifted from “will AI work in the SOC?” to “how do we architect these systems?” and, more sobering, “what happens when we get it wrong?” We saw AI agents handling alert triage, watched the first documented AI-orchestrated espionage campaign unfold, and learned hard lessons about context engineering, guardrails, and operational complexity.
This year, we were drawn to writing from analysts and practitioners wrestling with implementations, researchers documenting risks, and experts explaining market shifts. As we head into the holiday break, here’s our essential reading from 2025 on AI-first security operations—posts that shaped the conversation, challenged the industry, and influenced how we build moving forward.
The Industry Perspective
SACR AI SOC Market Landscape For 2025 by Francis Odum
This 2025 report rigorously evaluates 13 leading AI SOC vendors to help security leaders distinguish marketing claims from meaningful technical capabilities. Building on the foundation of Odum’s 2024 exploratory research, it offers a practical decision framework and defined architectural models to guide organizations through the phased adoption of agentic security automation.
Decoupled SIEM: Where I Think We Are Now? by Anton Chuvakin
This 2025 analysis by Anton Chuvakin examines the ongoing tension between “decoupled SIEM” architectures and the industry’s shift toward tightly integrated, AI-powered platforms. Building on his earlier debates regarding security data lakes, the post argues that while federated search and modular components offer a “romantic ideal,” the practical simplicity of unified platforms will likely see them “reign supreme” in the coming years.
Why Agentic AI Startups Will Struggle Against Cybersecurity Incumbents by Nick Heudecker
This 2025 analysis by Nick Heudecker explores the significant “brick wall” facing agentic AI startups as they attempt to disrupt the SOC. The post argues that while startups focus on custom-tuned models, real differentiation comes from the massive volumes of telemetry data already owned by industry incumbents such as CrowdStrike and Palo Alto Networks. Ultimately, Heudecker suggests that startups without a proprietary data advantage risk becoming mere “features” of the giants they intended to replace.
Technical Architecture & Implementation
Model Context Protocol has prompt injection security problems by Simon Willison
Willison sounded the alarm on MCP security risks as early adoption accelerated, introducing the concept of the “Lethal Trifecta”: access to private data, exposure to malicious instructions, and the ability to exfiltrate information. This became required reading for anyone implementing MCP in security contexts, and the vulnerabilities he warned about materialized throughout the year, with 1,000-2,000 exposed MCP servers found without authentication.
Taking Flight with Goose and Panther MCP by Tomasz Tchorz and Glenn Edwards
This blog explores how Block is democratizing detection engineering by integrating its open-source AI agent, Goose, with the Panther MCP server to automate complex security workflows. By enabling natural language-to-rule generation and automated testing, the integration allows non-specialist engineers to contribute high-quality, production-ready security detections that were previously reserved for niche experts.
Security Takeaways from 2025 AI Engineer World’s Fair by Matt Maisel
Maisel bridged the AI engineering and security communities better than anyone, capturing insights from the AI conference that defined the year’s technical direction. His key observation was that “the industry’s focus is moving beyond the model itself and toward the broader systems in which agents operate,” which explained the shift we saw from foundation model discussions to context engineering and agent orchestration.
Risks & Reality Checks
The Dark Side of LLM-Powered Security Automation by Aryan D
This post delivered a balanced treatment of AI security automation risks, covering indirect prompt injection, insecure output handling, and automation bias with technical specificity. Aryan’s warning that “security automation magnifies whatever you plug into it” resonated as incidents accumulated, and the post served as a practical checklist for teams deploying AI agents in production.
Disrupting the first reported AI-orchestrated cyber espionage campaign by Anthropic
Not a blog post but an incident disclosure that changed the conversation. Anthropic documented a Chinese state-sponsored group using Claude for 80-90% of their attack operations against approximately 30 global entities. The AI executed “thousands of requests, often multiple per second,” with sophisticated operational security measures. This validated what many suspected, but few had documented: attackers are adopting agentic AI faster than defenders.
From Detection at Scale
We published several posts in 2025 that tried to push the conversation forward on AI-first security operations.
The Agentic SIEM introduced the vision of AI agents as “analysts with impressive memories who never need coffee.”
MCP: Building Your SecOps AI Ecosystem broke down the paradigms and tradeoffs of implementing MCP servers in the SOC.
The Cursor Moment for Security Operations reinforced AI as a powerful assistant rather than a carte blanche replacement for human intuition.
The Data Your AI-Powered SOC Needs introduced the four-layer context engineering framework for powering SecOps AI agents.
The State of AI in Security Operations: 5 Patterns That Defined 2025 synthesized what we learned through the various podcasts and posts.
We’re taking a break for the holidays and will be back in January with fresh perspectives on where AI-first security operations are heading in 2026. In the meantime, if you haven’t caught up on this year’s essential reading, there’s no better time than a quiet week between Christmas and New Year’s!
Happy holidays from the team at Panther!


