AI is changing the way SOCs function, pushing organizations to rethink technology, processes, and people. Filip Stojkovski, Founder of SecOps Unpacked and a cybersecurity veteran with 15 years of experience, joins us on the Let's SOC About It podcast to explore how SOC teams can gain value from implementing AI into their practices.
Learn how to maximize your organization's ROI on AI SOC platforms, and ensure your processes and people evolve alongside it. Filip walks us through real lessons learned from his own experimentation with AI in the SOC.
In this episode of Let's SOC About It, learn:
🔁 How is AI transforming the SOC space?
🧐 What are the three types of AI SOC, and which one is right for your organization?
😱 Is your current security process ready for AI integration?
⚖️ How do you balance customizability, control, and cost with AI SOC implementation?
Relevant links:
Follow Filip Stojkovski's Blog, SecOps Unpacked: https://secops-unpacked.ai
Connect with Filip on LinkedIn: https://www.linkedin.com/in/filipstojkovski
In this episode of the Let’s SOC About It podcast, Francis Odum gets a first look at Morpheus AI, D3 Security’s AI SOC platform. Amy Tom and David Torres dive into the use of AI in the SOC with Francis Odum, the Founder and Chief Cybersecurity Analyst of Software Analyst Cyber Research.
In this episode, you’ll find out:
🧐 How can AI eliminate the need for constant manual tuning of static playbooks?
🕙 How will natural language querying impact analysts’ time?
🧠 How does Morpheus provide intelligent guardrails that empower analysts without removing their control?
🔎 What does a fully integrated, dynamic SOC look like with Morpheus AI?
Relevant links:
Read Francis’ AI SOC Market Landscape 2025 Report: https://d3security.com/resources/the-...
Follow Francis on LinkedIn: / francis-odum-0a8673100
Get a demo of Morpheus AI: https://d3security.com/demo/
In this episode of the Let's SOC About It podcast, Amy Tom chats with Sarim Khawaja, a Product Lead at Styx Intelligence, about the dangers of cyber scam mills. They discuss the growing threat of organized, factory-like operations that execute online scams on an industrial scale.
In this episode, you'll learn:
🏭 What cyber scam mills are and how they operate
🌏 Why they are prevalent in Southeast Asia and other regions
🎭 What types of scams and targeting strategies they use
💼 What the impact is on individuals and businesses
🛡️ Best practices for organizational cybersecurity
Relevant links:
Threat detection teams are on the frontlines of detecting, inspecting, and publishing findings on new threats. But how do they get there? And what does it take to understand and dissect malware?
On this episode of the podcast, we're joined by Randy Pargman, the Senior Director of Threat Detection at Proofpoint, to ask him:
🔄 How does reverse malware engineering work?
🔎 How do you know what you’re looking for when things evolve so quickly?
🤔 How do you stay on top of evolving tactics from bad actors?
Relevant links:
💜 Read Proofpoint's threat insights blog: http://proofpoint.com/us/blog/threat-...
💜 Follow Randy Pargman on LinkedIn: / randy-pargman-131b773
💜 Check out DEATHCon: https://deathcon.io/
Online data brokers may seem like a consumer privacy issue – but as our guest explains on this episode of Let's SOC About It, they’re a growing business risk.
Paul Mander, General Manager of Optery, joins us to expose the scale of the online data broker ecosystem and how it fuels targeted cyberattacks like phishing, smishing, and impersonation. The line between personal and business identity is blurrier than ever – and it’s putting organizations at risk.
In this episode, you'll learn about:
🕵️♂️ How data brokers harvest and resell your employees’ personal data
📲 Why that information is fueling phishing and smishing attacks
🧠 The impact of AI on the sophistication and scale of social engineering
🛡️ How to proactively protect your people – and reduce alerts in the SOC
Relevant Links:
Follow Paul on LinkedIn: linkedin.com/in/paulmander
Learn more about Optery: http://optery.com/getting-started-business/
Identity-based attacks aren't slowing down. In fact, as Chip Bircher tells us on this episode of Let's SOC About It, it's not something you can ignore. Chip Bircher, CTO of SOFTwarfare, talks about execution methods and ways to combat identity-centric threats.
In this episode, you'll learn about:
👮 The military/cybersecurity crossover
⚠️ How bad actors execute identity-based attack methods
🤨 The use of behavioral analytics and the ethics of privacy
⚙️ How AI is fuelling an identity-based attack fire
Relevant Links:
Follow Chip on LinkedIn: / chipbircher
Learn more about SOFTwarfare: https://www.softwarfare.com/
EDR telemetry data is essential to investigating alerts and responding to threats. Kostas Tsialemis is the independent security consultant behind the DFIR Report and the EDR Telemetry Project. For this episode of Let's SOC About It, we chat with Kostas about starting the project, working with vendors, and fostering a community to influence EDR tooling.
In this episode, you'll learn:
🤝 What is the EDR Telemetry Project and why was it created?
🙋 Why do we need telemetry?
🤨 How should cybersecurity practitioners use the information collected and analyzed for the EDR Telemetry Project?
Relevant links:
Visit the EDR Telemetry Project site: https://www.edr-telemetry.com/
Follow Kostas on LinkedIn: / kostastsale
AI is used in phishing attacks by both bad actors and incident responders alike. So what do phishing attacks look like today, and how do we combat them? On this episode of Let's SOC About It, Amy is joined by Curtis Goddard and Brad Farris from Check Point.
In this episode:
🎣 What do phishing attacks look like today?
😱 How is AI leveraged by bad actors in phishing attacks?
⚔️ How can you use AI to protect yourself against advancing email threats?
Relevant Links:
Follow Brad Farris on LinkedIn: https://www.linkedin.com/in/tbradleyfarris/
Follow Curtis Goddard on LinkedIn: https://www.linkedin.com/in/curtisgoddard/
Learn more about Avanan, a Check Point company: https://emailsecurity.checkpoint.com/
With RSAC right around the corner, we sat down with Francis Odum to talk about his tips for a good conference.
In this episode, we discuss:
🔥 The hottest tech to look out for at RSAC
🎁 The most useful conference swag
💃 The best RSAC parties and events
Don't forget to visit D3 at Booth N-4400 in the north hall of the Moscone Center in San Francisco 🤗
Relevant links:
Meet with us at RSAC: https://info.d3security.com/morpheus-...
Follow Software Analyst Cybersecurity Research: https://softwareanalyst.substack.com/
Follow Francis on LinkedIn: / francis-odum-0a8673100
It’s back to basics this week because you can’t successfully automate without the right foundation and an effective automation strategy. Mandy Neely, a Senior Security Engineer at a Healthcare Organization, joins us on the podcast to talk about S.E.C.U.R.E. automation.
In this episode, you’ll learn about Mandy’s S.E.C.U.R.E. approach to automation:
S – Start with an existing process
E – Error handling and alerting
C – Continuous process optimization
U – Unified team understanding
R – Risk awareness
E – Effective data management
Relevant links:
Follow Mandy Neely on LinkedIn: https://www.linkedin.com/in/mandy-neely/
Learn about IPO: https://idpro.org/
Follow D3 Security on LinkedIn for Let’s SOC About It updates: https://www.linkedin.com/company/d3-security-management-systems/
AI and deepfake technology are getting more and more advanced. We often associate "getting deepfaked" with celebrities and well... anyone but people in our own networks. But CEOs and C-suite executives are amongst the most at risk of deepfake attacks, and they've got a lot to lose.
On this episode of Let's SOC About It, Benny Epand – Business Director of iZooLogic – talks about how hackers are using deepfake technology to impersonate CEOs and infiltrate networks, get wire transfers, and more.
On this episode, you'll learn:
😱 How hackers are infiltrating networks with targeted deepfake attacks
👩💻 How to protect yourself against deepfake attacks in your environment
🙏 What to do if you've fallen victim to a deepfake attack
Relevant Links:
Follow D3 Security on LinkedIn for regular podcast updates: https://www.linkedin.com/company/d3-security-management-systems
Follow iZooLogic on LinkedIn: https://www.linkedin.com/company/izoologic/
Like it or not, whether you’re dealing with a product launch or a security breach, media has a big influence on cybersecurity. Jessica Davis, former Editorial Director at CyberRisk Alliance and current Principal Analyst at Canalys, shares her tips on how MSSPs can effectively use media as a tool in business.
From communicating with journalists to reaching the right audience, we explore what it really takes for MSSPs to influence public perception.
In this episode, you'll learn:
📰 How should MSSPs use media as a tool to reach the right people?
🤔 How should MSSPs effectively communicate with journalists?
🤝 How should MSSPs pick which media outlets to reach out to?
🤖 How many times should I reach out to a journalist before giving up on my story?
🔗 Relevant Links:
Jessica C. Davis is currently the Principal Analyst at Canalys. At the time of recording, she was overseeing the strategic direction of editorial content at MSSP Alert. Her work at MSSP Alert included overseeing the Top 250 MSSPs list, tracking cybersecurity market challenges and opportunities for managed security service providers, and identifying market forces and trends that impact MSSPs. Jessica also previously served as the top editor at Channel Insider and MSP Mentor. She’s served in senior editorial leadership roles at other technology publications including InformationWeek and InfoWorld. She has spent a career covering the intersection of business and technology.
The AI-Augmented SOC is here, and with AI adoption in the SOC currently varying so widely, Francis Odum joins the Let's SOC About It podcast to discuss the future of AI SOC.
In this episode:
Relevant links:
Francis Odum is a cybersecurity researcher and independent analyst read by over 60,000+ security and technology professionals. He specializes in Identity, Cloud & App Security, Network Security and the SOC.
Biometrics data hacking is evolving – and, if you’re not careful and aware of the risks, it could potentially be used in an attack against your organization.
In this episode, we’ll hear from Rishabh Goswami, a Compliance Manager at Amazon Web Services (AWS), as he shares real-world examples of how biometrics data is used by both malicious actors and businesses alike.
In this episode, you'll learn:
How could biometric data breaches impact your organization’s security and operational integrity?
What are the risks of personal biometric data being misused in ways that threaten both employees and the company?
What measures can security teams take to protect sensitive biometric data from breaches or misuse?
How can organizations navigate the current gaps in biometric data regulations to ensure robust protection?
Relevant links:
Follow Rish on LinkedIn: https://www.linkedin.com/in/rishabh-goswami/
Learn more about how D3 optimizes your workflows to help you respond to emerging threats: https://d3security.com/capabilities/soc-management/
It’s a new year, and with that brings an opportunity for MSSPs to re-evaluate their growth strategies to reach new customers and diversify their offerings. This week, Amy chats with Tony UcedaVelez, CEO & Founder of VerSprite, about offering Threat Modelling as a Service. Tony explains his 7-step threat modelling methodology, PASTA, and how he incorporates his methodology into security services for VerSprite’s customers.
In this episode:
😎 How can threat modelling help MSSPs identify and prioritize security risks for clients?
🖼️ What are the key threat modelling methodologies or frameworks MSSPs can use?
🔐 How does threat modelling enhance an MSSP’s overall security services and reduce client risk exposure?
Relevant links:
Learn more about how to scale your MSSP with D3’s automation: https://d3security.com/capabilities/software-to-scale-your-mssp/
Learn how VerSprite delivers a more profitable MSSP offering with D3: https://www.youtube.com/watch?v=ivC5Nfk0YdY
Follow Tony on LinkedIn: https://www.linkedin.com/in/tonyuv/
Follow Tony on X: https://x.com/t0nyuv
Check out the PASTA GitHub Fork Community: https://github.com/VerSprite/fork-community
Identity and access management (IAM) is stepping up and adopting AI & automation to tackle the ever-growing “Phishing Problem”. Amy chats with Natee Pretikul, the Principal PM Manager at Microsoft Security, about how MFA, passkeys, and AI-driven tools like Microsoft Copilot are transforming security strategies.
In this episode, you will learn:
🐟 How does enabling multi-factor authentication (MFA) reduce the risk of phishing attacks by 99%?
🔑 What are passkeys, and why are they seen as a key step toward a passwordless future?
🧑💻 How are hackers using AI to make phishing emails more convincing and harder to detect?
🧑✈️ What role does Microsoft’s Copilot play in helping security teams respond faster to incidents and prioritize risks?
Relevant links:
Learn how D3 helps prevent phishing attacks: https://d3security.com/solutions/by-use-case/phishing-attack/
Follow Natee on LinkedIn: https://www.linkedin.com/in/nateenew/
We’re joined this week by Ketan Nilangekar, the Co-Founder and CEO of ThreatWorx, to answer the question – how can we approach third-party risk management today, especially in the newly AI-driven world?
In this episode:
🚧 How do we deal with the challenges of third-party risk management?
🤖 What role does AI play in the risk management space?
🔐 Does the market need a new push towards stronger security measures for software vendors?
🤝 How can we work with vendors effectively to ensure we are compliant and secure?
Relevant links:
Learn more about the D3 + ThreatWorx integration: https://d3security.com/blog/automate-vulnerability-threat-management-threatworx/
Learn more about ThreatWorx at threatworx.io
Learn about D3’s cyber threat hunting playbooks: https://d3security.com/capabilities/threat-hunting/
Enter the world of AI in cybersecurity with Anthony Green, President of the ISACA Vancouver Chapter. From managing data protection to setting up the right guardrails, Anthony shares practical insights into getting the most out of AI while maintaining your security posture.
In this episode, you’ll find out:
🤔 How can businesses ensure AI models align with security policies and privacy standards?
🪜 What steps should companies take to manage AI risks while remaining compliant with regulations?
🧑💻 Who is responsible for setting up and enforcing AI governance within an organization?
👷 What are the key security guardrails needed to use AI safely and prevent unauthorized data access?
Relevant Links:
Leverage D3’s Ace AI to speed up playbook development: https://d3security.com/platform/ace-ai/
Connect with Anthony on LinkedIn: https://www.linkedin.com/in/anthonygreen00/
They say that innovation isn’t just about adopting the right technology, it's about adopting a change mindset that allows you to adapt to the evolving environment in cybersecurity… Ok, well maybe no one actually says that, but it’s still true. In this episode of Let’s SOC About It, Amy Tom chats with Evgeniy Kharam about how SOAR and SIEM tools have adapted to changes in the tech landscape.
In this episode, you’ll learn:
☁️ How did the introduction of cloud technology change the development and functionality of SOAR tools?
🤝 How did APIs play a role in security automation?
🥴 Why was the traditional VPN and tunnel creation workflow inefficient and insecure?
⚙️ How are automation and AI transforming roles within security teams to improve efficiency in incident response today?
Relevant links:
Whether you’re new to cybersecurity, want to switch things up, or find yourself looking for a job well into your career, this episode of ‘Let’s SOC About It’ helps you answer the question, “why is getting a job in cybersecurity so hard?” Amy Tom talks with Francois Guay, the Founder of the Canadian Cybersecurity Network, about navigating today’s competitive cybersecurity job market.
In this episode of Let's SOC About It:
🤔 Why is it so hard to get a job in cybersecurity?
🥊 How do I navigate the high level of competition in today’s cybersecurity job market?
🌎 Does where you live influence your hireability?
👀 If I can’t get in contact with someone via LinkedIn, what can I do?
Relevant links:
Learn how to reduce alert noise with D3 - www.d3security.com/
Follow D3 on LinkedIn for show updates - www.linkedin.com/company/d3-security-management-systems/
Join the Canadian Cybersecurity Group on LinkedIn - https://www.linkedin.com/groups/8837399/
Check out the Canadian Cybersecurity Job Board - https://canadiancybersecurityjobs.com/
Visit the Canadian Cybersecurity Network’s website - https://canadiancybersecuritynetwork.com/