BlinkOps

We’re bringing this one back… Join our AI #CyberSecurity Land Rover Experience on Weds 13 May for a mix of practical discussion about AI in the #SOC and something a bit different in the Yorkshire countryside. AI is starting to make real impact in the #SOC, the challenge is knowing where it genuinely adds value without losing control or visibility. That’s exactly what we’ll be getting into... • Deep dive into agentic AI in the #SOC • Open discussion with peers facing the same challenges • Off-road Land Rover driving experience Delivered alongside BlinkOps who are leading the #agentic #automation of security operations at scale. Spaces are limited, register in comments 👇

Most AI SOC investments automated the easy part. Organizations declared victory after deploying AI triage. Faster alert closure, better metrics, and happy dashboards, problem solved, right? Then reality hit. They’re still dealing with the same remediation backlog, same broken detections generating noise, same feedback loops that go nowhere and often more decisions queued for human review than before. We got faster at triaging alerts, but we didn’t get better at fixing problems. AI SOC is one solution but it is not a comprehensive platform. The real shift is toward what I call the Agentic Security Operations Platform (ASOP). Infrastructure that lets you build any security solution your program needs. Not just AI SOC. The application of agents and agentic architectures applied across IAM, cloud security, GRC, detection engineering and threat hunting. The same building blocks are key. Such as an agent builder, workflows, case management, analyst copilot, and an integration layer. Different solutions but built once, and deployed across your entire security program. The platforms that win will not just close the most alerts. They will eliminate the number of decisions that ever need a human in the first place. Read more on where SecOps is heading with Resilient Cyber’s partner BlinkOps’ 2026 SecOps Decision Gap report: https://lnkd.in/ei7D3DPs #ciso #cyber #ai #secops

What a week at the Innovate Cybersecurity Summit in Marco Island! 🌴 Between getting the opportunity to host deep discussions and dine with security leaders and their teams, incredible networking conversations at our booth, and delivering our session on why every security team needs an Agentic Security Operations Platform - we can't quite pick a favorite moment! Add in the gorgeous venue and that signature Florida sunshine, and you've got the recipe for a truly successful week with the security community. 💙 See you in Scottsdale! Mike Wayne Brian Goff Joshua Weinick

Every security team is racing to build a bigger, smarter AI agent. The SOCs actually scaling AI in production are doing the opposite. Walk into any SOC running AI at scale and you'll see the same pattern. 𝗡𝗼𝘁 𝗼𝗻𝗲 𝗴𝗶𝗮𝗻𝘁 "𝘀𝘂𝗽𝗲𝗿 𝗮𝗴𝗲𝗻𝘁" 𝗱𝗼𝗶𝗻𝗴 𝗲𝘃𝗲𝗿𝘆𝘁𝗵𝗶𝗻𝗴. A fleet of small, specialized ones, each tuned for exactly one job. Each one specialized to a single domain. Each one built to reason within it, not across all of them: → Phishing triage over email security (Proofpoint, Abnormal) → Identity enrichment over IAM (Okta, Entra ID) → Endpoint isolation over EDR (CrowdStrike, SentinelOne) → Cloud misconfig over CSPM (Wiz, Prisma Cloud) → Vuln prioritization over scanners (Tenable, Qualys) → Alert correlation over SIEM (Splunk, Sentinel) → Case routing over ticketing (Jira, ServiceNow) The problem was never that AI agents aren't smart enough. It's that 𝗼𝗻𝗲 𝗮𝗴𝗲𝗻𝘁 𝘁𝗿𝘆𝗶𝗻𝗴 𝘁𝗼 𝗯𝗲 𝗲𝘅𝗽𝗲𝗿𝘁 𝗶𝗻 𝗲𝘃𝗲𝗿𝘆𝘁𝗵𝗶𝗻𝗴 𝗶𝘀 𝗲𝘅𝗽𝗲𝗿𝘁 𝗶𝗻 𝗻𝗼𝘁𝗵𝗶𝗻𝗴. 🔍 If your AI agent fails in production tomorrow, can your team explain why? Can you trace the decision. Isolate the cause. Patch it without retraining the whole thing. If not, 𝘆𝗼𝘂 𝗱𝗼𝗻'𝘁 𝗵𝗮𝘃𝗲 𝗮𝗻 𝗮𝗴𝗲𝗻𝘁. 𝗬𝗼𝘂 𝗵𝗮𝘃𝗲 𝗮 𝗯𝗹𝗮𝗰𝗸 𝗯𝗼𝘅 𝘄𝗮𝗶𝘁𝗶𝗻𝗴 𝘁𝗼 𝗳𝗮𝗶𝗹. Monolithic agents look good in demos because the demo is small. In production the complexity compounds. Decision paths become untraceable. Debugging breaks down. Cost blows up. The fix isn't a smarter monolith. It's specialization. One agent for phishing triage. One for identity enrichment. One for endpoint isolation. Each measurable, each auditable, each constrained by deterministic guardrails so the blast radius stays small. When one fails, the others keep working. When one needs tuning, you tune it, not the whole system. Our team breaks down the full case for micro-agents over monolithic AI. Link in comments ↓ #cybersecurity #secops #agenticai

Alert fatigue isn't your problem. You've been treating the symptom for 10 years. Walk into any SOC, regardless of size, stack, or maturity level, and the pattern is the same: Analysts aren't drowning in alerts. They're drowning in the 7 windows they need open  to investigate one. The same incident lives in: → The SIEM → The EDR console → Email → Slack → Jira or ServiceNow → A vendor portal → The MSSP's ticketing system None of them agree. None of them sync. That's not an alert problem. That's 𝗰𝗮𝘀𝗲 𝗳𝗿𝗮𝗴𝗺𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻. 🔍 Quick gut-check: Count the tools your analysts touch to close one case. 𝗠𝗼𝗿𝗲 𝘁𝗵𝗮𝗻 𝟯? 𝗔𝗹𝗲𝗿𝘁𝘀 𝗮𝗿𝗲𝗻'𝘁 𝘆𝗼𝘂𝗿 𝗿𝗲𝗮𝗹 𝗽𝗿𝗼𝗯𝗹𝗲𝗺. Most "case management" products miss this entirely. They're standalone inboxes that sit next to your workflow instead of inside it. 𝗡𝗲𝘄 𝗱𝗮𝘀𝗵𝗯𝗼𝗮𝗿𝗱. 𝗦𝗮𝗺𝗲 𝗯𝗿𝗼𝗸𝗲𝗻 𝗲𝗻𝗴𝗶𝗻𝗲. The fix is structural - case management built into the workflow engine, with bidirectional sync to downstream systems and observable-based enrichment that runs the same way every time, regardless of which tool the alert came from. That's the difference between a faster mess and a real platform. Mason G., our Solutions Engineering Tech Lead, broke down exactly how we build this for customers — link in comments. #cybersecurity #secops #SOCanalyst

At the Innovate Cybersecurity Summit in Marco Island, @Josh Weinick will make the case for why CISOs need to think bigger - and how Agentic AI Transformation is redefining what's possible for security programs. Catch his session, "Beyond SOAR & AI SOC: The Case for an Agentic Security Operations Platform," Tuesday, April 21 at 9:20 AM. Our team will also be at Booth #106 all event long (April 19-21) - we'd love to talk about what this shift means for your team.

Security teams are drowning in alerts. Most are noise. The rest take too long to investigate. Tomorrow, our own Aaron Beveridge joins ITogether and Yorkshire Cyber Security Cluster to break down how AI SOC can dramatically reduce investigation time, while keeping humans in control where it matters. We’ll cover real-world use cases, plus a live demo and open Q&A. 📅 Wednesday, April 15 | 1PM BST | 8AM EST 🔗 Register for free → https://lnkd.in/e4wxFUuV #cybersecurity #SOC #AI #securityoperations #automation

It was another fun event filled BlinkOps Pickleball event at Dinks & Dingers with high energy and great competition between local IT and Cybersecurity professionals. 2 Months of Pickleball down, many more to go. Our next event will be on May 13th. We look forward to seeing our returning players and welcoming new Security & IT "professional" players! 🏓 Special thanks to Matthew Morris & our partners at Netskope for helping support this event! #ITNetworking #CybersecurityNetworking #WorkHardPlayHard #TechOnTheCourt #BlinkOps #AgenticSecurityOperationsPlatform #PickleballLife