Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI-powered SOCs are dominating industry conversations, yet security leaders remain split on whether a truly autonomous SOC can ever exist. Despite certain vendors aggressively marketing fully autonomous SOC solutions, Gartner's analysis "Predict 2025: There Will Never Be an Autonomous SOC" suggests solutions in the market are unlikely to deliver against claims of full autonomy. As someone who has run SOCs, I agree. Full autonomy isn’t the answer.

Artificial intelligence is no longer just an emerging technology in security operations and modern SIEMs. AI agents now enrich alerts, drive investigations, generate reports, and increasingly act as extensions of human analysts. But as with any powerful technology, new risk surfaces follow. From the Exabeam perspective, every entity in your environment deserves protection.

Prompt guardrails are a common first line of defense against client-level LLM application attacks, such as prompt injection and context poisoning. They’re also a critical component of a full defense-in-depth strategy for LLM security at the infrastructure, supply chain, and application level. The specific guardrails that teams implement depend highly on use case, but they are typically designed to.

Introducing third-party AI into your systems can be a milestone for productivity and growth, but it also expands your attack surface in unpredictable ways. If your AI vendors have weak controls, threats like data poisoning and algorithm failure can ripple through your systems.

Patrick Orzechowski (also known as “PO”) is Torq’s Field CISO, bringing his years of experience and expertise as a SOC leader to our customers. PO is a seasoned security veteran with a deep understanding of the modern security landscape. You can find him talking to SOC leaders and CISOs from major brands at cybersecurity events around the world. Every SOC has an escalation process — but not every SOC has one that is truly effective.

Threat actors are abusing X’s generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it’s answering a question, and providing a link in its answer. “In this attack campaign, threat actors circumvent X’s ban on links in promoted posts (designed to fight malvertising) by running video card posts featuring clickbait videos,” ESET says.