Ep163: Operationalizing the AI-powered SOC - What it Takes to Make AI Work
Update: 2025-10-27
Description
Arctic Wolf's Dean Teffer reveals how they transformed security operations by processing one trillion daily alerts with AI, and shares hard-won lessons from operationalizing AI in production SOC environments
Topics Include:
- Arctic Wolf processes one trillion security alerts daily across 10,000 global customers
- Security operations remained stubbornly human-mediated due to constantly evolving threats and infrastructure complexity
- Dean explains why platformizing data creates a virtuous cycle enabling AI automation
- Traditional ML models couldn't handle SOC's situational complexity, leading to LLM adoption
- Arctic Wolf's unique advantage: direct access to 1000+ SOC analysts for continuous feedback
- AWS partnership began with governance concerns about data privacy and model training
- "Centaur Chess" approach: AI-human teams consistently outperform either alone in cybersecurity
- Three-generation AI evolution: from personal use to prompt engineering to expert-tuned models
- Three-day AWS hackathon achieved breakthroughs that would've taken months independently
- SOC analysts actively shaped AI responses through iterative feedback during live operations
- Observability proved critical: tracking performance, quality metrics, and response times for continuous improvement
- Measurable impact achieved: automated alert orientation dramatically increased analyst efficiency and response quality
Participants:
- Dean Teffer - VP of AI/ML, Arctic Wolf
- Aswin Vasudevan - Senior ISV Solution Architect, Amazon Web Services
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
Comments
In Channel
Download from Google Play
Download from App Store
United States00:00
00:00
x
