Machine Learning | Breaking Cybersecurity News | The Hacker News

You invested in a new AI-SOC because you want your organization to be safe. You also don't want your SOC team to burn out from the flood of alerts they're receiving.  It's good at first. At deployment, the detections are lined up with your environment. Your SOC team reports it's going to be a learning curve, but it seems to be working. It's going well until a few months later, when it's not, at least not as well.  The problem is that the agent isn't processing alerts the way your team needs it to. It keeps flagging the CEO's logins as threats because it doesn't understand that he's traveling. It's also let a few real threats slip through the cracks. Threats that should have been easily caught. What's happening?  Pre-trained AI was built to recognize the familiar, and it does. It's trained on old data, old attack paths, and assumptions that made sense in the lab based on what's been observed before. What it can't do is understand the small, real-world details that an...

AI SOC Agents are going through a hype cycle. If we're going by Gartner's Hype Cycle for Security Operations, 2025 , this technology is still an "Innovation Trigger", but it's at the cusp of "Peak of Inflated Expectations". Every vendor claims their solution will revolutionize security operations. Every conference features another keynote promising autonomous defense. And every CISO is being asked whether AI will replace their security team. At Redis, implementing AI in the SOC has been more of a measured journey. The model is more of a hybrid SOC, so there's a combination of external service providers as well as internal resources. In this case, Prophet Security is currently proving themselves alongside a more traditional MDR provider.  But let's take a step back.  The Tipping Point for AI Adoption within the SOC Considering an AI solution for Redis' SOC came down to the confluence of three drivers.  On an individual level, there was more value from AI tools an...

When generative AI tools became widely available in late 2022, it wasn't just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of consumer-first IT innovation before it—file sharing, cloud storage and collaboration platforms—AI landed in the enterprise not through official channels, but through the hands of employees eager to work smarter. Faced with the risk of sensitive data being fed into public AI interfaces, many organizations responded with urgency and force: They blocked access. While understandable as an initial defensive measure, blocking public AI apps is not a long-term strategy—it's a stopgap. And in most cases, it's not even effective. Shadow AI: The Unseen Risk The Zscaler ThreatLabz team has been tracking AI and machine learning (ML) traffic across enterprises, and the numbers tell a compelling story. In 2024 ...