Artificial Intelligence & Machine Learning , Events , Next-Generation Technologies & Secure Development

Artificial Intelligence and the SOC: A Match Made in Heaven

Forrester's Allie Mellen on Using Generative AI to Document Security Investigations
Allie Mellen, senior analyst, Forrester

Artificial intelligence and machine learning today are used extensively for detecting threats, but their utility in other areas of security operations remains less explored.

See Also: Webinar | Accelerate your SOC with AI-driven security analytics with Elastic and Google Cloud

One of the biggest market opportunities for AI and ML in cyber is around investigating potential security incidents, said Forrester Senior Analyst Allie Mellen. Specifically, Mellen said generative AI can assist with providing documentation of incidents for security teams. "So instead of having to write up a long report, you can just have AI do it for you," she said (see: Forrester: Security Analytics Tools a Challenge to Manage).

"The difference with generative AI is that it's able to understand what's going on and output something that's readable and easily understandable," Mellen said. "That has so much power because we're talking about a lot of concepts that are complex and difficult for humans to write about. Having something that can take you that one step further and help you add texture to the investigation and the documentation that you're building is powerful."

In this video interview with Information Security Media Group at RSA Conference 2023, Mellen also discusses:

  • The difference between conventional ML/AI models and generative AI;
  • The tangible benefits of applying artificial intelligence in security tech;
  • Why safeguarding AI algorithms and threat models is so difficult.

Mellen supports security executives and professionals in building and maturing their threat detection and response strategies. Her coverage includes people, processes and technology in security operations.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.