This session explores an overview of recent Cybersecurity Threats and how security leaders can move towards a reimagined operating model, where autonomous response capabilities compress detection-to-containment timelines. Attendees will leave with a practical understanding of where AI delivers immediate ROI, where human judgment remains irreplaceable, and how to build the governance guardrails that keep autonomous systems accountable.

SOC teams don’t have an alert problem—they have a decision problem. This panel explores how AI and machine learning can reduce noise and elevate signal by clustering related activity, enriching context, prioritizing business impact, and routing the right work to the right humans. Panelists will share practical lessons on tuning models without breaking trust, reducing false positives without missing stealthy behavior, and proving that “AI triage” improves outcomes—not just dashboard aesthetics.

As AI agents become part of everyday enterprise workflows, SOC teams are facing a new challenge: securing systems that don’t behave predictably. Traditional runtime security was designed for deterministic applications, where expected behavior is clearly defined and anomalies stand out. AI agents change that model.  

In this session, we’ll explore how security teams are using AI to improve runtime detection and response in the era of non-determinisitc applications. We’ll break down how AI-powered context and analysis strengthen visibility across three layers of runtime security, helping teams detect threats in environments where behavior constantly evolves. The result is a detection approach built for modern systems, adaptive, contextual, and designed for the realities of AI-driven infrastructure.

Investigation is where time disappears—pivoting across logs, assembling timelines, validating hypotheses, and documenting actions. This panel focuses on AI-assisted investigation that speeds up root-cause analysis while keeping analysts in control: narrative timeline generation, natural-language querying across telemetry, guided hunts, and automated enrichment that preserves evidence quality. We’ll also tackle the pitfalls—hallucinations, overconfident summaries, missing context—and how to build checks and workflows that keep investigations defensible.

AI agents are transforming every department in the enterprise, bringing both innovation and new risk. Security is no exception, and AI is accelerating SOC modernization. Leaders now face a strategic choice: not whether to adopt agentic capabilities, but how to do it without disrupting critical operations. Join us for a presentation on the future of Agentic SecOps. We’ll explore how Red Canary and Zscaler can act as a force multiplier for your team by bringing proactive and reactive security together.  

What we’ll cover:  

•  How context helps you prioritize risk and focus on what matters most

•  Why network visibility fills key gaps that endpoint-only views can miss

•  What agentic SecOps enables: faster correlation, triage, and response at scale

Automation can shrink containment time from hours to minutes—but the blast radius of a bad playbook is real. This panel looks at how AI is changing SOAR and response orchestration: smarter playbook selection, adaptive containment, and dynamic ticketing and communications. Panelists will cover how to design “safe automation” with policy guardrails, approvals, rollback plans, and continuous testing—plus how to integrate response automation across endpoint, identity, cloud, and network controls without creating new fragility.