Episode Details

Back to Episodes

Building Trust Into Agentic SOC Tools with Oren Saban

Season 5 Episode 12 Published 6 hours ago
Description

Agentic SOC platforms are no longer a future pitch — they're shipping, and teams are using them to triage and investigate cases end to end. But speed and automation only matter if you can trust the output. John sits down with Oren Saban to unpack what it actually takes to build a trustworthy agentic SOC tool.

They cover why these platforms are built as swarms of specialized agents rather than one generalist model, the role organizational context and data quality play in getting good results, how teams measure confidence and catch AI mistakes before they become missed detections, which analyst skills are becoming obsolete and which matter more than ever, and the emerging risk of prompt injection attacks against AI-powered SOC tools.

If you're evaluating these platforms — or trying to figure out what trust actually means when AI is doing most of the investigating — this conversation lays out the real tradeoffs.

Oren on LinkedIn: https://www.linkedin.com/in/oren-saban/

Contact, Courses, and More:

For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live!

Check out John's SOC Training Courses for SOC Analysts and Leaders:

Follow and Connect with John:  LinkedIn

Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us