Behind the Shield
Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences.
The Agentic SOC Shift: Smarter Security, Human-Led Decisions
What happens when your SOC doesn’t just respond to threats but actively thinks, prioritizes, and takes action?
In this episode of Behind the Shield, we break down the rise of the Agentic SOC and what it means for the future of cybersecurity operations. As organizations face an overwhelming volume of alerts, evolving threats, and increasing pressure to move faster, traditional SOC models are being pushed to their limits. Enter agentic systems. These are AI-driven, decision-capable frameworks designed to augment or even transform how security teams operate.
We explore how agentic capabilities are shifting the SOC from reactive monitoring to proactive, intelligent defense. From automated triage to adaptive response workflows, this conversation dives into the real-world impact of bringing autonomy into security operations and what teams need to consider before adopting it.
Whether you're leading a SOC, building security architecture, or trying to understand how AI is reshaping cyber defense, this episode offers a grounded look at where things are headed and what it takes to get there.
What You’ll Learn:
• What an Agentic SOC actually is and how it differs from traditional SOC models
• How AI agents can triage, prioritize, and respond to threats in real time
• The role of human analysts in an increasingly autonomous environment
• Key benefits and risks of adopting agentic security operations
• How organizations can begin preparing their SOC for this shift
• Where agentic approaches align with modern frameworks like continuous monitoring and validation
InfusionPoints Links:
Alex Erhardt: https://www.linkedin.com/in/charles-e-7a2b8016a/
Nicholas Whitley: https://www.linkedin.com/in/nicholas-whitley-511085213/
https://www.linkedin.com/company/infusionpoints/
https://infusionpoints.com/
Get continuous security without building your own SOC: https://app.hatchbuck.com/OnlineForm/93633624292
About Us:
InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets.
We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement.
Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.
SPEAKER_00: Hello everyone. Thank you for joining us on Behind the Shield. I'm Alex Erhardt. I've worked at InfusionPoints for going on eight years now. And a little bit of background is I actually started part-time here, worked in the SOC, worked weekends, night shifts, all the shifts no one wants to work, holidays, and worked my way up to being an engineer. And I am joined with Nicholas Whitley. So tell us a little about yourself, Nick.
SPEAKER_01: I'm Nicholas Whitley. I'm a senior security engineer with InfusionPoints. I've been with InfusionPoints for about four years now. Same as Alex, started in the SOC and worked my way up through there, and now I'm on Alex's team.
SPEAKER_00: So, Nick, why AI?
SPEAKER_01: Why now? Yeah, so, you know, this time a year or two ago, I would say organizations were, you know, approaching AI, deciding should we use it, should we not? Today, that's not really a question anymore. Now it's we've got to use AI. How do we do it? You know, out in the wild, we've already seen threat actors using LLMs to exploit zero days, find zero days, accelerate the speed of their attacks. And so with threat actors having that advantage, being able to, you know, increase their attacks at scale, the blue team, the defense, is gonna have to adopt that and do the same.
SPEAKER_00: Very cool, very cool. So how much do you think this would benefit not only the team but the individual analysts themselves?
SPEAKER_01: It benefits them a lot. You know, talking with our guys in the SOC, one of the big things they talk about a lot is alert fatigue. Having to go through potentially thousands of alerts a day can be cumbersome. So having sort of a tier one agent that does that for them really helps accelerate their workflow.
SPEAKER_00: So you said accelerate the workflow. Have you done any math or anything on how much time we're saving by using an AI analyst versus having a human analyst reading and making tickets for everything?
SPEAKER_01: So, talking with the SOC guys and also just capturing metrics on our side with the agent we use in our X operations monitoring service, our analysts would say, you know, alerts could take anywhere from 10 to 15 minutes to triage, and then you potentially have to escalate it if it's a true positive, whereas the agent can do it within seconds.
SPEAKER_00: That's a big difference. And I'm sure, as you know as much as anybody, that's a big gap. And you know, attackers can take only a few minutes to do something. So if you go from spending five or so minutes making a ticket down to seconds, it's a quicker response time.
SPEAKER_01: So these days when a threat actor gets in, you know, they can escalate their privileges and drop a payload within minutes.
SPEAKER_00: Cool. So what exactly... I hear the term agentic AI being thrown around. What does that mean, man?
SPEAKER_01: So with the agentic SOC analyst we're using in our X operations monitoring service, it's essentially an agentic workflow. So it's not just one agent, even though from the front end, from the side of someone using the platform, it's like they're talking to one agent. It's actually a series of agents joined together in a flow.
SPEAKER_00: So I guess the word agentic just correlates to multiple agents doing different specific workloads.
SPEAKER_01: Yep. Yep. Each agent has its own, you know, prompt, own instruction set, own tools it can use, and together they work just like a normal SOC team would.
SPEAKER_00: Cool, cool. So if you have multiple agents, is that a lot harder to engineer? You know, is that a lot harder solution to bring to the table, or is it just as simple as it sounds?
SPEAKER_01: I would say doing multiple actually makes it easier. You know, if you have a traditional SOC and you throw one analyst in and say, hey, do everything, they're gonna get overwhelmed. It's gonna be hard to manage that workload. Whereas having, you know, multiple SOC analysts, that's the same as having multiple agents. Some can be dedicated to certain things, have their own expertise in different areas, and work together as one team.
SPEAKER_00: So the expertise is like they each have their own knowledge base. Okay. Yep. I guess that makes sense. You think about it, you know, it's kind of like just a team in general. Like you might be the expert on one thing, I might be the expert on another. Yeah, but yeah, cool. Cool. So, how do we... my biggest concern with AI for a while has been how do you trust what it's giving back to you? Especially if you're automating like a SOC, because it's gotta be pretty reliable. If it's marking stuff as false positives that doesn't need to be, yeah, that's not ideal, not good for anybody. So how are we combating that?
SPEAKER_01: Yeah, so there's a phrase that people often use, the human in the loop. So not just trusting it 100% of the time at face value, still having a team of human analysts in the loop monitoring its decisions. Also, before implementing into production, we have test workloads. We feed it alerts that we've received that analysts have triaged in the past. We feed it those alerts, see how it analyzes them, see how it triages, and compare it to past notes from real analysts to see how they compare: what it did that the analyst wouldn't have done, or what it, you know, didn't do that the analyst would have done.
SPEAKER_00: Is there any kind of like human element when it comes to giving it new information? Or can anyone just get in and be like, okay, this is a false positive now? Because, like, what if someone makes a mistake? Because you know, I used to work in the SOC. I mean, everyone... humans make mistakes, that's the whole thing.
SPEAKER_01: So when building it out, one thing we were really worried about was data poisoning. So, let's say you have an alert come in that gets ticketed, and, you know, a SOC analyst or someone in the environment notes on the ticket, this is a false positive, authorized activity, can be disregarded. That's great, you know, for efficiency. The agent can learn off of that, use that in the future so it doesn't unnecessarily alert and notify personnel. But at the same time, someone with... you know, it doesn't even have to be malicious intention. It could be unintentionally putting in the wrong information. You know, that person who commented on the ticket that this is authorized may have just been misinformed. Yeah. Or they could be intentionally trying to exploit the agent and put that just so the agent would think it's fine.
UNKNOWN: Yeah.
SPEAKER_00: Someone got in the environment, somehow figured out we're using this, and then they're like, okay, I'm about to do XYZ. So I'm gonna go tell this thing that XYZ is okay. Yep.
SPEAKER_01: Yeah, exactly. Two points to that. You know, on one hand, that's no different than a traditional environment. You know, if someone gets access to your SIEM or EDR and they have malicious intent, they could easily go in, disable some rules, disable agents that are running on endpoints, things of that nature. But also, one way we've further addressed that is within our X operations solution, you can manage permissions of users. And so you can grant certain users essentially the AI agent admin. Okay. And so when they comment on tickets, the agent actually absorbs that input and uses it to learn off of, whereas, you know, base users, read-only users, their comments aren't regarded by the agent.
SPEAKER_00: Okay, so it's pretty much peer reviewing before it goes into production. Yep. Okay. Yep, exactly. Cool, cool. So what are the risks of using this AI model? Is there any, or is it net positive all around?
SPEAKER_01: So, like we mentioned, you know, there's the potential for data poisoning. Trying to tell the agent, don't alert on this, when you have malicious intent and just want to do that in the environment and go unseen. That is a risk. However, that's a risk that's present, as I said, in current solutions. You can put exclusion rules in current SIEM tools so your activity isn't alerted on. So while a risk, that is a risk that already exists, you know, in today's landscape.
SPEAKER_00: Yeah, I had another question. So you mentioned there's kind of like an approver list or some kind of peer review to get, you know, stuff like that added to the knowledge base, but does it do any kind of learning on its own? Like, will it make its own decisions, or does it have to be only peer-reviewed stuff that gets allowed into the knowledge base?
SPEAKER_01: So I guess that's kind of where you have to start thinking about how to use AI correctly, because if, when you build this workflow out, you're just putting in a bunch of if-then statements, it's no different than a SOAR tool where you're telling it, if I receive this alert, take these actions in the environment. And so whereas SOAR executes actions based on, you know, human-made rules, the agentic AI is actually making those decisions. So in that agentic workflow I talked about, you know, you have agents that go out to the internet and look up, you know, real-time threat intel, search IOCs. So, you know, let's say we get a low-level alert for, you know, brute force activity; external appliances are always getting brute forced. You know, it may notify or may ticket that as a lower priority alert. However, if it sees that the IP associated is tied to a threat group, it might elevate that to a medium or a high severity alert.
SPEAKER_00: Cool. You think it's gonna filter out a lot of the noise over time? You think it's gonna be smart enough to learn all that? Because I know a lot of... you mentioned earlier about alert fatigue, you know, we worked in the SOC for years, but that was one of the big things is like, oh, I see X alert for X customer. This happens once a week, twice a week, every day, every hour, whatever the cadence might be. You're kind of like, oh, you kind of get numb to it, you know? You're like, oh, this happens, it's no big deal. So you stop doing the analysis you probably need to do. Yeah. So you think it's gonna get rid of all that, not garbage, but just noise that would bog down the analyst, and just kind of give it true alerts that really need someone to dig into?
SPEAKER_01: Yep. So I know we've seen it from our time in the SOC, and I've also, you know, read stats that, you know, some SOCs say that over 90% of their alerts are just noise and are disregarded. So, you know, as the AI agent, the agentic flow, learns, evolves, it can hopefully work to filter out that noise. You mentioned what risks are associated with this. You know, that's one potential risk: it's great if it can filter out some noise, make things easier on our human analysts. However, what if it filters out the wrong things? And that's a risk. However, I've slowly started to treat AI the way I would talking with you or another coworker. People are gonna make mistakes. All you can do is show them why they made that mistake, how it was a mistake, and teach them how to address that in the future so it doesn't happen again.
SPEAKER_00: Yeah, because I know when the SOC hits us up and like, hey, we're getting blown up with, you know, some GuardDuty alert or whatever it is. That's the balance we have to do. So you're basically helping us out too from the engineering side. Because if it's doing that tuning for us, then that's one less thing me and you have to do. Yep. And it also benefits the SOC guys, so it's cool. Yep. So that kind of leads into the next topic we're gonna cover is, you know, it helps us, it helps the SOC. So does that kind of change the roles a little bit around here, or yeah?
SPEAKER_01: So with this, you know, agentic flow in our X operations service, it's really kind of eliminated the need for our human analysts to operate at a tier one level. You know, there's no longer anyone just sitting staring at a SIEM page, refreshing every five minutes, waiting for a new alert, triaging it, closing it out as a false positive. The agentic workflow really takes it from beginning to end of the tier one process. It ingests the alert, analyzes the activity, pulls out relevant information, like the user involved, the, you know, associated IP; it reaches out to the SIEM, EDR, whatever tools you have, investigates those users, IPs, and does all the triage it needs, addresses the situation as a whole. Actually, within this flow, we have a separate review agent. So once all the agents are done doing everything, there's one review agent that looks over all of it, makes sure it makes sense. And then it also makes the decision of, you know, what action to take next. Do I close this alert as a false positive? Do I leave it open but not ticket it and, you know, reach out to a human for further review? Or do I go ahead and make the decision based on severity that, hey, this needs to be ticketed and someone needs to be notified?
SPEAKER_00: How is it notified? Is it email?
SPEAKER_01: So once an alert's received and it determines a human needs to take a look, the agentic workflow can submit a ticket for it. So it gathers relevant bits of evidence, generates a summary of the alert, pulls any raw logs from various tools it checked, and dumps that all into a ticket for someone to view. It can also be integrated with, you know, email, your communication platform, Teams, Slack, and notify personnel that way.
SPEAKER_00: Cool. So it's basically like you hired a new analyst that's just a 24-7 analyst. Yep. Essentially.
SPEAKER_01: Yep. And also, when it creates those tickets, it looks at your org, looks at your, you know, your structure, what teams you have, whether you have a security operations team, IT team, and based on the type of alert, you know, let's say it's a disk space alert on a server, a disk that's full. It may think, okay, that's not a security issue, but it needs to go to an operations team. And so rather than assigning it to security, it'll assign it to operations and only notify that personnel.
SPEAKER_00: Yeah, it's like we have all those SOPs, might as well let it do it for us. Yeah. You mentioned all the actions it's gonna take in this scenario here. One of the big things we do with the SOC is we have to keep pretty much an audit log of everything, keep track of the tickets, keep track of, you know, even the user activity in the SIEM, you know, they ran this query, that query. Is that the same type of logging in the agentic AI flow?
SPEAKER_01: Yeah. So whenever the alerts come into the console, there's an evidence section that shows, you know, everything that the agentic flow did during its process of investigating the alert. That's also where it says if it made a ticket or not. And back to the permissions I talked about earlier that you can assign to users in our platform, you can kind of assign what level of auditing you see. So, you know, maybe as an analyst, you just see what the agent did, or what the agents did, what they saw, why they made the choices they did, et cetera. Whereas, you know, for auditing purposes, for compliance frameworks, if you need to see further into the back end logic, you can make someone a higher permission, or give someone a higher permission set. And, you know, they could see the exact endpoints it reached out to to get information, or the exact tools it used, what public resources on the internet it called out to to get its threat intel, things like that.
SPEAKER_00: That's kind of the coolest part for me, just being able to see, where did you get this info? How did you make this decision, essentially? Because that kind of helps you troubleshoot if it's making wrong decisions as well. Yeah, like, oh, you went here, you shouldn't have looked on this website to look for a CVE or something like that, you know.
SPEAKER_01: Yeah, because I know during the first stages of this, that was really important. You didn't want it to hallucinate, just say flat out wrong information. And I know during the first phases of building it out, I would test from my house and trigger alerts myself. And so my IP was in that. And in the early, early stages, I had times where it would say this IP is malicious and associated with, you know, known threat groups. And I'm like, where are you getting this? And I later realized it was hallucinating. And so that made me realize we need to have a way to audit what the agent does.
SPEAKER_00: Or it could have been your neighbor. Yeah. You know, he's up to something. Yeah, so I'm curious, how scalable is this? Like, is it easy to just plug and play into different places, or is there a lot of involvement from you or me or someone else in the engineering team to get it up and running?
SPEAKER_01: Yeah, so as you know, our customer base, they're all using various different tool sets, different solutions, different IDPs. And so essentially most of the agents in the flow don't look at, you know, one tool in particular. They investigate an alert in the broad sense. Whereas you have agents off to the side that pick up the alert depending on what tool it's coming from. So if, you know, you're ingesting from one SIEM, you have an agent that initially takes in that information, determines, hey, this is from, you know, insert whatever SIEM you're using here, and says, okay, I need to consult my agent who's an expert in that tool. Cool. And so you can build one agent that's an expert in the tool, and it works with all the other agents who kind of just know SIEM tools at a high level.
SPEAKER_00: Like, let's say we got a brand new customer, right? And we're like, okay, you know, we got seven of these applications they're using that we already have an agent for. But let's say their eighth one we don't. Is it a really hard process to kind of take a different application agent and make it for a new application? Or nope?
SPEAKER_01: So the agents realize they're in a flow, but they can also work independently. So, you know, to equate it to a normal SOC, if me and you are in a SOC and all of a sudden you're out, I'm like, that's unfortunate. I have lost a pair of hands, but I can take things over from here. It's essentially the same way with the agentic flow. It's great the more you have, but if agents drop off or don't know how to handle things, the others can kind of pick up the slack.
SPEAKER_00: Cool. So you mentioned a lot of features with this agent. Are there any roadmap features or, you know, future plans that you see this thing going into?
SPEAKER_01: Right now with the solution, it's very read-only. You know, it'll take in logs, investigate, determine how the alert should be escalated. Really the only action it'll take is contact someone. What we're hoping to have is, you know, really a full tier one, potentially getting into tier two. So let's say we receive an alert that someone's logging in without MFA, obviously a security risk. Right now, it would, you know, notify, determine that's a security risk. However, in the future, we hope to take it to an extra level to where, you know, an agent that has access to your IDP or access to your environment can go in, temporarily disable the account until MFA is applied, and maybe even one day apply that MFA.
SPEAKER_00: That's pretty cool. I guess I would take that whole checks and balances into... you gotta be 100% sure if you're gonna let this thing take action on your environment, pretty much making code changes. Yep. So most of our environments, as you know, we use Terraform infrastructure as code. Is the first step just to get it to make changes like in the console, or do you think in like Terraform changes?
SPEAKER_01: Definitely console at first. And, you know, talking with others in the field, I think it's gonna be a while before you get to where people are willing and trusting of AI to make decisions that would be.
SPEAKER_00: I mean, our Terraform repo is insanely huge. So for it to have that knowledge on just our internal repo and then be able to find and fix whatever it needs to, I feel like is a big, big leap forward.
SPEAKER_01: Yeah. Which, you mentioned earlier about how do we audit what the agent does. I kind of think long term, being able to audit is gonna be the benefit that makes us use AI more. Because, you know, let's say a tier one human analyst makes a mistake. We can just go back to that MFA alert for reference. Let's say, you know, someone had put in a ticket saying they were using a test account, testing logging in without MFA. That alert comes in, the agent disables the account. While MFA, or no MFA, is a security risk, that was previously authorized activity. Someone has submitted a ticket. That was clearly a mistake on the human analyst's part. But when you ask them, that's really all you can do, is ask them why they disabled that account when it was ticketed. You can't go into their brain and pull out logs of why they made that.
SPEAKER_00: But say AI, you can, because it gives you its brain.
SPEAKER_01: You'll see those exact logs of what it did and why it did it. And then you can also implement, you know, tight controls to make sure that doesn't happen again. Whereas, you know, we're human; you tell us not to do something, we might forget and do it again.
SPEAKER_00: Yeah, that's true. So is there anything else you want to tell us about your agent?
SPEAKER_01: I think going back, you know, in the beginning we were discussing how threat actors are already using AI. Seeing some, you know, pretty crazy stuff. It's a crazy time. I mean, it's the same attacks at heart, you know, but it's just the scale you can do them at, and it's also becoming easier. You know, just about anyone can pick up an LLM, ask it how to do basic exploits, and be, you know, a hacker in a day, so to speak. So we definitely have to do the same thing on our side. And so I think it's damaging to say, you know, we can't trust AI at this level, because the longer we wait, the longer it's gonna take to get to a state where we trust it.
SPEAKER_00: So I'm saying if we don't use AI, we'll fall behind. Absolutely. Yeah. So if we can't beat them, join them, right? Yeah, for sure. Cool. Thank you for joining us on Behind the Shield. I'm Alex Erhardt, and this is Nicholas Whitley. As always, like and subscribe. Thank you.