Episode 12 - The Agentic SOC: Upleveling Analysts with AI Knowledge Multipliers

Richard Bejtlich sits down with Stan Kiefer, Corelight’s Senior Manager for Data Science, to discuss how AI serves as a vital "abstraction layer" and "knowledge multiplier" for security analysts. Stan explains that while AI can synthesize complex information, it remains untrustworthy without high-fidelity network data at its center to provide verifiable evidence. The episode explores the shift toward an "agentic ecosystem" and a tiered architecture where a central orchestrator manages specialized sub-agents to accelerate detection and investigation. Looking toward the future, Stan envisions a hybrid SOC environment where adaptive systems learn an analyst's specific workflows to automate routine tasks, acting as a professional companion that can cut the time needed to reach competency in half.