2 Comments
Rainbow Roxy

Hey, great read as always. With detections.ai using AI to generate rules, I wonder if you see that shifting the bottleneck from rule creation to the actual processing and human interpretation of the increased alerts that AI SOCs generate? You really always have such insightful takes on these complex topics, it's genuinely fascinating to follow.

Zack Allen

I believe the focus on precision will shift to recall, but it'll create a "poverty" for organizations that can't afford to pay the token tax to OpenAI et al. It solves the issue of human capacity and the balance of TP/FP in some ways, but it introduces economies of scale that become untenable to pay for the 99%.