Mike Mello

No, no.

And so by the time this airs, odds are the number is not 68 anymore.

Although some may fall away.

So I'm very much in the build camp when it comes to AI SOC.

Right.

Yeah, yeah.

But I do believe that AI is something that can really empower SOCs.

It can really help them get through just the flood of alerts that come in.

It can help them design their detection capabilities.

It can even allow them to be more tolerant of false positives because it's not going to be spending time of a human to go and look at that thing.

So I genuinely think there's a lot of value here.

The trick is how do you bring that knowledge that your SOC already has into one of those systems?

Odds are you have playbooks.

So you can bring those playbooks and you can use that to educate the AI.

How should it deal with this situation?

You should absolutely have metrics and measures and know are things getting better or worse as a result of your usage of AI.

And those are things that I think that people

may not really think about when they're thinking of moving to AI SOC.

It's like, oh, I'm just going to be able to go so much faster, or I can scale my capabilities so much more.

But there's groundwork that you have to put in place first.