Security operations centers face three critical challenges: drowning in alert noise from legacy detections generating false positives, prohibitive costs of centralizing data in SIEMs like Splunk, and the complexity of operationalizing data lakes. Traditional AI solutions focus solely on alert triage, but comprehensive SOC modernization requires AI agents across the entire detection engineering life cycle. Financial institutions are shifting to cost-effective data lake architectures while maintaining detection capabilities, using AI to transform manual, time-consuming processes into automated workflows that free analysts for high-value threat detection.

Led by Michael Monte of Anvilogic, the session will cover:

• AI-powered data onboarding workflows that normalize and schematize data for detection use;
• Search agents that generate queries and identify relevant data sources automatically;
• Triage agents with feedback loops to continuously improve detection quality and reduce analyst burden.