How GenAI helps entry-level SOC analysts improve their skills

Security operations centers (SOCs) are using generative AI systems to automate repetitive triage and documentation tasks, allowing entry-level security analysts to spend more time on investigations, crafting responses, and developing core skills. Generative AI may not be a magic bullet, but the technology can be another useful weapon in the analyst’s arsenal, increasing accuracy, providing a knowledge base, and gathering information quickly and efficiently.

GenAI writes prompts, explainers so analysts can handle bigger jobs

Secureworks, which provides SOC services and software to customers in addition to running its own SOC, has been using various forms of AI for years. The company used a range of technologies, including anomaly detection and other machine learning models, all the way up to neural networks. These systems helped Secureworks collect and prioritize alerts so that analysts could focus on the most critical ones first. Over the previous 18 months, the company saw an 80% reduction in alerts and a 50% reduction in analyst workload, allowing the analysts to spend more time on more difficult cases and on serving new customers.

“The next area of focus was how to improve the analyst experience from a triage, investigation, and response perspective,” says Kyle Falkenhagen, the company’s chief product officer. It was the perfect time for generative AI to hit the scene.

Read full article at CSO magazine.