This is an excellent post, Francis. It demonstrates the complexity of SOC/SIEM/AI-driven SOC and the challenges it presents for end-users in terms of understanding.
It raises a question: We've been discussing "engineering-led SOC practices" for years now. Is the new Data Lake approach a first step towards more "engineering" practices like pipelines, CI/CD, etc.?
In my experience leading teams at consulting firms, this pattern emerges consistently. What's been your biggest challenge with execution?