Guest:

• Jon Oltsik, security researcher, ex-ESG analyst

Topics:

• You invented the concept of SOAPA – Security Operations & Analytics Platform Architecture. As we look towards SOAPA 2025, how do you see the ongoing debate between consolidating security around a single platform versus a more disaggregated, best-of-breed approach playing out?
• What are the key drivers for either strategy in today's complex environments? How can we have both "decoupling" and platformization going at the same time?
• With all the buzz around Generative AI and Agentic AI, how do you envision these technologies changing the future of the Security Operations Center (and SOAPA of course)?
• Where do you see AI really work today in the SOC and what is the proof of that actually happening? What does a realistic "AI SOC" look like in the next few years, and what are the practical implications for security teams?
• "Integration" is always a hot topic in security - and it has been for decades. Within the context of SOAPA and the adoption of advanced analytics, where do you see the most critical integration challenges today – whether it's vendor-centric ecosystems, strategic partnerships, or the push for open standards?

Resources:

• Jon Oltsik "The Cybersecurity Bridge" podcast (Anton on it)
• EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
• EP242 The AI SOC: Is This The Automation We've Been Waiting For?
• EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
• EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center
• EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
• EP73 Your SOC Is Dead? Evolve to Output-driven Detect and Respond!
• Daniel Suarez "Daemon" book and its sequel "Delta V"