Architecting the Modern SOC: The Evolving AI Reality for Blue Teams
Bryan Fite, Dean De Beer, Nicole Grinstead, Swathi Joshi
BSidesSF 2026 · Day 1 · AMC Theatre 12
This panel discussion, "Architecting the Modern SOC: The Evolving AI Reality for Blue Teams," delves into the transformative impact of artificial intelligence on Security Operations Centers (SOCs). Featuring a panel of industry experts, the talk explores the long-held aspiration of a "sockless" future, where manual alert handling is minimized, and examines how the advent of advanced AI and machine learning capabilities might finally bring this vision closer to reality. The discussion highlights the critical evolution of SOC analyst roles, shifting from rote pattern recognition and low-value triage to more strategic functions like decision-making, crisis management, and context engineering.
AI review
A panel that gestures at real problems — alert fatigue, agentic SOC architectures, AI trust boundaries — but never gets below the surface on any of them. The terminology is correct, the framing is familiar, and almost nothing here couldn't have been written by a well-prompted LLM in 2024.