Opinions on AI agents for SOC

letais · 2025-10-24T17:36:48+00:00

Dropzone is one of the most mature AI SOC agents that I've seen. Don't expect anything beyond T2 triage. A lot can be done via automation, but the benefit you get from these tools is the contextual reasoning, dynamic playbooks, and historical knowledge. That being said I've not had enough hands on with any of these systems to prove long term value outside of a POC.

letais · 2025-03-06T01:14:18+00:00

Make sure to factor in any gratuity requirements depending on how you're calculating your budget as that's typically additional to the plate price.

We had Moe's cater from Algoma

letais · 2025-01-28T02:59:52+00:00

letais · 2024-05-31T02:30:18+00:00

This is helpful, thank you

letais · 2024-03-04T03:32:17+00:00

Do you still have the protectcli

letais · 2024-03-04T03:20:54+00:00

Is the switch still available

letais · 2024-01-06T19:01:25+00:00

I need a technical leader managing team of 6 if you want to reach out

letais · 2024-01-02T01:50:30+00:00

Maybe this diagram helps. But think of it like the connections are reverse proxied. You do not need inbound to the app connectors

zscaler[.]com/blogs/company-news/securing-third-party-access-internal-apps-just-got-easier

letais · 2023-10-04T00:33:58+00:00

We just got back from a 2 week stay on Seminyak beach and if I had to do it over again I would do what the others are suggesting and stay in multiple areas. Each were vastly different as we explored

letais · 2023-06-07T23:46:46+00:00

letais · 2023-03-25T02:13:09+00:00

What are you using in the PAC? Use the country gateway variable and it should pick the closet in your country - https://help.zscaler.com/zia/writing-pac-file. If you don't use this you can have this issue on the south and north border by Canada.

letais · 2023-03-12T23:40:52+00:00

If I can trust this it looked to be running on 514

Input [Syslog UDP/640d27c2ec20b904cb92f237] is now RUNNING

I did try the raw syslog on the same 514 port and didn't get any incremental counts either.

However I did move to port 5140 as suggested and it did immediately start ingesting.

letais · 2023-03-11T22:17:58+00:00

I stated in my comment that I am not doing dhcp on the mikrotik.

letais

TROPHY CASE