2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Nick Davis
Sr. Director, Cloud Security
SentinelOne

Joseph Poyner
Sr. Director, Sales Engineering
SentinelOne

From Collecting Tools to an Autonomous SOC
SEC206-S

Agenda
Today's SOC Challenges
Attack Surface
Autonomous SOC and AI Security
Get Hands On

Very Frustrated / Frustrated / Neutral / Happy / Very Happy
Days? / 1 Hour / 5+ Hours / 5+ Hours / 2+ Hours
Hunt & Investigate / Triage / Respond / Remediate / Proactive Risk Management
Manual SOC Processes Are Not Sustainable

Unmatched Visibility in OCSF
Human-Level Reasoning
Agentic Triage, Investigation, and Response
Integration with Singularity Hyperautomation
Broad Threat Intelligence
Proprietary Models
Purple AI is the brain of the Singularity Platform

Hunt & Investigate / Triage / Respond / Remediate / Proactive Risk Management
From AI Assisting
To AI Doing the Work

Multi-source correlation rules for detections
Expert systems (e.g., SOAR) for investigation, response, and remediation
ML algorithms that self-tune for better detections
AI assistants to simplify and streamline detection engineering, investigation, response, and remediation
LLM-based detections that predict new attacks and create detection logic for them
Agentic approaches for investigation and lower risk response actions
AI suggests remediation strategies for high-risk situations, leaving final decisions and strategy to humans
Agentic approaches for mo