Beyond the Prompt: Building the Security Agent Fabric


In this episode of M365.fm, we explore why the future of cybersecurity is no longer centered around dashboards, alerts, and manual investigations—but around autonomous security agents working together as a coordinated Security Agent Fabric.
As modern enterprises generate billions of security signals across cloud platforms, identities, endpoints, and applications, traditional Security Operations Centers (SOCs) are reaching their limits. Human analysts simply cannot keep pace with the volume, speed, and complexity of today's threat landscape.
The episode introduces the concept of Agentic Defense: a new security architecture where specialized AI agents continuously monitor, validate, investigate, and respond to threats while remaining governed by human oversight. Instead of relying on a single security copilot, organizations will deploy networks of collaborating agents that handle identity protection, threat hunting, incident triage, compliance validation, vulnerability management, and risk assessment.
We examine how these agents can reduce alert fatigue, accelerate investigations, and dramatically shorten attacker dwell time by automating repetitive security workflows. The discussion also explores the critical challenges that come with autonomous security operations, including governance, trust, explainability, auditability, and maintaining human control over high-impact decisions.
The Security Agent Fabric represents more than another security tool—it is an entirely new operating model for cybersecurity. Much like SIEM platforms transformed security operations over the last decade, agent-based defense architectures are poised to redefine how organizations protect digital assets in the AI era.
Security agent fabric changes how you defend your organization. You move from traditional security operations to agentic defense, which reduces human middleware. When you integrate AI skills in fabric, you increase automation and speed. You see agents making decisions faster and more accurately.
- Companies now build AI skills and trust in autonomous agents.
- AI skills help you detect threats quickly.
- 74% of organizations plan to integrate AI skills within two years.
SOC analysts now focus on guiding skills and maintaining trust. You gain clear steps to build a strong security agent fabric.
Key Takeaways
- Transition to a security agent fabric to enhance your organization's cyber defense. This shift reduces reliance on manual processes and improves response times.
- Integrate AI skills into your security fabric to automate threat detection. This leads to faster and more accurate responses to potential risks.
- Establish a central agent registry to manage all agents effectively. This helps maintain visibility and compliance across your security environment.
- Implement a strong identity control plane to enforce zero trust principles. This ensures that every agent's actions are verified and controlled.
- Utilize agent orchestration with secure communication protocols. This allows agents to collaborate efficiently while protecting sensitive data.
- Adopt a modular architecture for your security agent fabric. This flexibility enables you to scale and adapt to new threats without disrupting existing systems.
- Regularly monitor and maintain your agent fabric. Use real-time metrics to assess performance and ensure compliance with security standards.
- Invest in training for your team on AI skills and agent management. This builds trust and improves response times in your security operations.
Security Agent Fabric Architecture

You see a major shift when you move from traditional security operations centers to an agentic defense model. In the past, you relied on manual triage and alert-first systems. Now, you use agent fabric to coordinate AI skills and automate security tasks. This approach helps you respond faster and with more accuracy.
Core Components
Agent Registry
You need a central registry to manage every agent in your environment. The agent registry catalogs each agent, tracks its status, and ensures you can discover new agents quickly. This registry supports governance and compliance by giving you visibility into agent deployment. You can visualize the agent network and understand how agents interact. The registry also helps you avoid agent sprawl, which can lead to confusion and risk.
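One way to use the registry for visibility, shown as an added example that is not part of the original page or any product's code: it reconciles observed tool-call telemetry against the registry to surface unregistered agents, retired agents that are still acting, registered agents using tools outside their entry, and active agents that have gone silent. The registry layout, agent names, tool names and log format are all constructed assumptions.

```python
import json
from collections import Counter

# Constructed registry: agent_id -> lifecycle status and the tools it is registered to use.
REGISTRY = {
    "phish-triage-01": {"status": "active", "tools": {"mail.read", "mail.quarantine"}},
    "id-protect-01": {"status": "active", "tools": {"signin.read", "session.revoke"}},
    "vuln-scan-02": {"status": "retired", "tools": {"asset.read"}},
    "compliance-01": {"status": "active", "tools": {"policy.read"}},
}

# Constructed telemetry, one JSON object per line, as a gateway might log tool calls.
TELEMETRY = """\
{"ts": "2025-01-10T09:00:01Z", "agent_id": "phish-triage-01", "tool": "mail.read"}
{"ts": "2025-01-10T09:00:04Z", "agent_id": "phish-triage-01", "tool": "mail.quarantine"}
{"ts": "2025-01-10T09:01:12Z", "agent_id": "id-protect-01", "tool": "mail.read"}
{"ts": "2025-01-10T09:02:30Z", "agent_id": "lab-experiment-7", "tool": "signin.read"}
{"ts": "2025-01-10T09:03:00Z", "agent_id": "vuln-scan-02", "tool": "asset.read"}
{"ts": "2025-01-10T09:03:05Z", "agent_id": "id-protect-01"}
not json at all
"""


def reconcile(registry, telemetry_text):
    """Compare what agents actually did with what the registry says they may do."""
    seen = Counter()
    report = {"shadow": set(), "retired_but_active": set(),
              "out_of_scope": [], "unparsed_lines": 0}
    for line in telemetry_text.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
            agent_id, tool = event["agent_id"], event["tool"]
            if not (isinstance(agent_id, str) and isinstance(tool, str)):
                raise TypeError("agent_id and tool must be strings")
        except (ValueError, KeyError, TypeError):
            # Count lines that cannot be attributed instead of silently dropping them.
            report["unparsed_lines"] += 1
            continue
        seen[agent_id] += 1
        entry = registry.get(agent_id)
        if entry is None:
            report["shadow"].add(agent_id)              # acting but never registered
        elif entry["status"] != "active":
            report["retired_but_active"].add(agent_id)  # registry says it should be off
        elif tool not in entry["tools"]:
            report["out_of_scope"].append((agent_id, tool))
    # Active agents with no telemetry may be unhealthy or logging somewhere unseen.
    report["silent"] = {a for a, e in registry.items()
                        if e["status"] == "active" and a not in seen}
    return report


if __name__ == "__main__":
    for finding, value in reconcile(REGISTRY, TELEMETRY).items():
        print(finding, value)
```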
Identity Control Plane
Identity sits at the heart of agent fabric. You use an identity control plane to manage agent identity, access, and accountability. This plane enforces who can do what, when, and where. You no longer rely on network perimeters for trust. Instead, you use identity to make every access decision. The identity control plane supports zero trust architecture, which means you verify every agent and action. You gain consistent governance across hybrid environments and all identity types. With identity fabric, you unify enforcement and ensure real-time access governance.
Tip: Building AI skills in fabric starts with a strong identity foundation. You must trust each agent before you let it act.
Agent Orchestration
Communication Protocols
Agent orchestration lets you coordinate actions across many agents. You use secure communication protocols to connect agents, share signals, and trigger workflows. These protocols ensure agents can talk to each other without exposing sensitive data. You normalize and correlate signals from endpoints, networks, and cloud sources. This process creates a unified investigative graph, which helps you detect threats faster.
Policy Management
You manage agent behavior through policy management. You set rules that guide how agents respond to events. Policies help you align agent actions with business risk and compliance needs. You can automate containment actions while considering business impact. Policy-aware agents reduce manual work and improve consistency.
Data Flow and Integration
Endpoint and Network Agents
You deploy agents on endpoints and network devices to collect telemetry and enforce security controls. These agents send data to the agent fabric, where AI skills analyze and correlate signals. You monitor agent health and update configurations as your needs change.
Cloud and MCP Endpoints
You extend agent fabric to cloud and Microsoft Cloud Platform (MCP) endpoints. You integrate AI skills in fabric to cover every environment. You use governance tools like Microsoft Purview to enforce compliance and classification. You control outbound access and monitor interactions for unexpected behavior. You define escalation paths for sensitive requests, keeping a human in the loop when needed.
| Feature | Traditional SOCs | Agentic Defense Models |
|---|---|---|
| Governance Layer | Alert-first systems | Differentiated governance with DHS SAFETY Act designation |
| Privacy Posture | Often includes biometric data | No facial recognition, no off-device video storage |
| Operational Insight | Manual triage and response | AI-driven signal correlation and autonomous triage |
| Human-AI Collaboration | Limited integration | Structured layering of human and AI responsibilities |
| Focus | Reactive measures | Proactive reasoning and planning |
You build a security agent fabric that adapts to new threats and supports continuous improvement. You combine AI, agent identity, and orchestration to create a resilient defense.
Designing Security Agent Fabric
Requirements and Scalability
Organizational Needs
You must start by understanding your organization’s needs before you design an agent fabric. Every organization has unique requirements for security, identity, and compliance. You need to map your business processes and risk tolerance. You should identify which AI skills and agent actions will deliver the most value. You must also consider how agent identity and identity governance will support your goals.
A scalable agent fabric must handle growth and complexity. You need to plan for more agents, more AI skills, and more endpoints. The table below shows the most critical properties for scalability:
| Property | Description |
|---|---|
| Quantified | Use test-driven development and composable evaluation protocols to assess agent reliability. |
| Context-aware | Validate agents under adversarial, noisy, and out-of-distribution conditions to expose brittle behavior. |
| Containable | Ensure agents act within policy-scoped boundaries with strict constraints on permissions. |
| Transparent | Offer attestable provenance, traceable decision paths, and compliance with regulatory norms. |
Compliance and Policy
You must align your agent fabric with compliance standards and policies. You need to enforce identity controls and zero trust principles. You should use identity fabric to unify policy enforcement across cloud, endpoint, and network agents. Microsoft Fabric tools help you automate compliance checks and reporting. You must govern AI skills and agent actions to meet regulatory requirements.
Resilience and Redundancy
Failover and Recovery
You need to design your agent fabric for resilience. Redundancy across both control and data planes is essential. You must protect against single points of failure to maintain availability. If one agent fails, another agent should take over. You should use agent identity and authentication to ensure only trusted agents can perform recovery actions.
Permission Models
Permission models play a key role in resilience. You must require authenticated, signed intents and narrowly scoped, reversible permissions for every agent. The table below highlights important aspects:
| Governance Aspect | Importance |
|---|---|
| Agent Certification | Ensures agents meet security standards. |
| Lifecycle Decisions | Guides the development and deployment of agents. |
| Runtime Policy Enforcement | Maintains security and compliance during operation. |
You should also use multi-signature approvals and agent redundancy to prevent single points of failure.
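The permission model described above, sketched as an added example that is not from the original page or any vendor's implementation: a gate that accepts an agent's intent only if it is authentically signed, fresh, not replayed, inside the agent's scope, paired with an undo action, and backed by enough distinct approvals. Assumptions: the agent names, keys, actions and the 300-second freshness window are constructed, and HMAC stands in for the asymmetric signatures a real identity control plane would issue.

```python
import hashlib
import hmac
import json

# Constructed keys and scopes (assumptions for this example). HMAC stands in
# for the asymmetric signatures an identity control plane would normally issue.
AGENT_KEYS = {"phish-triage-01": b"constructed-agent-key"}
APPROVER_KEYS = {"alice": b"constructed-key-a", "bob": b"constructed-key-b"}

# Per-agent scope: each permitted action names its undo action (reversibility)
# and how many distinct human approvals it needs before it may run.
SCOPES = {
    "phish-triage-01": {
        "quarantine_email": {"undo": "release_email", "approvals": 0},
        "disable_account": {"undo": "enable_account", "approvals": 2},
    }
}
MAX_AGE_SECONDS = 300


def sign(key, intent):
    """MAC over a canonical JSON encoding so field order cannot change the tag."""
    body = json.dumps(intent, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def tag_matches(key, intent, tag):
    """Constant-time comparison of a presented tag with the expected one."""
    return isinstance(tag, str) and hmac.compare_digest(
        sign(key, intent).encode(), tag.encode())


class IntentGate:
    """Sits between an agent's decision and its execution."""

    def __init__(self):
        self.used_nonces = set()

    def authorize(self, intent, signature, approvals, now):
        agent_id, nonce, action = (intent.get(k) for k in ("agent_id", "nonce", "action"))
        if not all(isinstance(v, str) for v in (agent_id, nonce, action)):
            return False, "malformed intent"
        key = AGENT_KEYS.get(agent_id)
        if key is None:
            return False, "unknown agent"
        if not tag_matches(key, intent, signature):
            return False, "bad signature"
        issued = intent.get("issued_at")
        if not isinstance(issued, (int, float)) or not 0 <= now - issued <= MAX_AGE_SECONDS:
            return False, "stale or undated intent"
        if (agent_id, nonce) in self.used_nonces:
            return False, "replayed intent"
        rule = SCOPES.get(agent_id, {}).get(action)
        if rule is None:
            return False, "action outside agent scope"
        # Count only known approvers whose tag covers this exact intent.
        valid = {name for name, tag in approvals.items()
                 if name in APPROVER_KEYS and tag_matches(APPROVER_KEYS[name], intent, tag)}
        if len(valid) < rule["approvals"]:
            return False, "needs %d approvals, has %d" % (rule["approvals"], len(valid))
        # An intent is single-use: burn the nonce only once it is actually allowed.
        self.used_nonces.add((agent_id, nonce))
        return True, "allowed; undo with " + rule["undo"]
```

Because approvals are tags over the same canonical intent, an approval collected for one target cannot be reused for another.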
Governance and Trust
Accountability Frameworks
You must build trust in your agent fabric with strong accountability frameworks. Tool access policies define which tools an agent can use. Data handling policies classify data and control how agents process, store, and transmit information. Decision boundary policies set checkpoints for human approval on important actions. Memory retention policies ensure agents follow data privacy rules.
Guardrails act as technical mechanisms that enforce governance policies during agent actions. These guardrails protect your organization by creating a layer between agent decisions and execution.
Transparency Mechanisms
You need explainability and auditability for every agent. You must keep verifiable logs of agent actions. Policy enforcement and human oversight define the boundaries of machine autonomy. You should use continuous monitoring and strict authentication to protect against new attack surfaces. With these mechanisms, you can govern AI skills and maintain trust in your agent fabric.
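One way to make agent action logs verifiable, as an added example that is not part of the original page: each entry records the decision and its stated reason, and is hash-chained to the previous entry so that edits, reordering and (with an externally stored head hash) truncation are detectable. The record fields and sample entries are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # fixed starting value for the chain


def entry_hash(prev_hash, record):
    """Hash the previous entry's hash together with this record's canonical JSON."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()


class AuditLog:
    """Append-only log of agent decisions; each entry commits to all earlier ones."""

    def __init__(self):
        self.entries = []

    def append(self, agent_id, action, target, decision, reason):
        record = {"seq": len(self.entries), "agent_id": agent_id, "action": action,
                  "target": target, "decision": decision, "reason": reason}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"record": record, "prev": prev,
                             "hash": entry_hash(prev, record)})
        # The returned head hash should be stored outside the log (for example
        # countersigned or written to separate storage) to anchor the chain.
        return self.entries[-1]["hash"]


def verify(entries, expected_head=None):
    """Return the index of the first inconsistent entry, or -1 if the log is intact.

    Without expected_head only internal consistency is checked, so a log that was
    truncated or rebuilt from scratch still passes; the external head catches both.
    """
    prev = GENESIS
    for index, entry in enumerate(entries):
        record = entry["record"]
        if (entry["prev"] != prev or record.get("seq") != index
                or entry["hash"] != entry_hash(prev, record)):
            return index
        prev = entry["hash"]
    if expected_head is not None and prev != expected_head:
        return len(entries)
    return -1


def sample_log():
    """Constructed entries for demonstration."""
    log = AuditLog()
    log.append("phish-triage-01", "quarantine_email", "msg-123", "allowed",
               "sender domain failed authentication checks")
    log.append("id-protect-01", "disable_account", "user-42", "denied",
               "needs 2 approvals, has 1")
    head = log.append("id-protect-01", "disable_account", "user-42", "allowed",
                      "approved by two reviewers")
    return log, head


if __name__ == "__main__":
    log, head = sample_log()
    print("intact:", verify(log.entries, head) == -1)
```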
Implementing Agent Fabric
Deploying Security Agents
Installation and Configuration
You begin by installing agents across your environment. Each agent must register with your agent fabric to gain visibility and control. You use automated deployment tools to push agents to endpoints, network devices, and cloud workloads. You configure each agent with the right permissions and connect them to your identity infrastructure. This step ensures every agent has a unique agent identity and follows your authentication policies.
You must address several challenges during deployment. The table below highlights common issues you may face:
| Challenge Type | Description |
|---|---|
| Identity Infrastructure | Lack of coherent identity infrastructure for AI agents, leading to opaque authorization chains. |
| Security Threats | Agents become targets for attackers, risking unauthorized actions and lateral movement within the network. |
| Compliance Risks | Failure to adhere to control measures can lead to compliance issues, necessitating auditable trails of activity. |
| Decision Traceability | Autonomous decisions made by agents without explanations create traceability issues, complicating accountability. |
| Model Drift and Governance | Agents' behaviors evolve without monitoring, leading to governance gaps and challenges in identifying deviations from intended operations. |
| Shadow Agents | Unsanctioned use of experimental agents can proliferate, resulting in loss of visibility for security operations. |
| Escalation and Chaining Risk | Incorrect operation of an agent can trigger failures across interconnected systems, amplifying negative consequences. |
| Data Quality and Hallucination | Agents generating false data undermine reliability, creating risks related to data quality and decision-making. |
You must ensure that your agent fabric supports strong identity controls and zero trust principles. This approach helps you prevent unauthorized actions and maintain compliance.
Integration with Existing Systems
You integrate agents with your current security tools and workflows. You connect agents to SIEM, SOAR, and endpoint protection platforms. You use APIs and connectors to link agents with cloud services and on-premises systems. You must validate that each agent follows your identity and authentication standards. You also monitor agent health and performance to ensure reliable operation.
You may encounter risks if you do not manage agent integration carefully. Agents with broad access can become targets for attackers. Unauthorized actions and lateral movement can occur if you do not enforce strict permissions. You must use your identity fabric to limit agent access and monitor all agent activity.
AI Skills and Automation
Autonomous Agent Capabilities
You unlock new capabilities when you add AI skills to your agent fabric. Autonomous agents can execute tasks without human intervention. They handle complex workflows, such as phishing triage or identity protection, and make risk-based decisions. You gain efficiency and speed because agents act in real time.
Recent advancements in AI skills and automation include:
| Feature | Description |
|---|---|
| Expanded Agent Scanners | Automated discovery covering new platforms like Amazon Bedrock and Microsoft Foundry, enhancing visibility and registration of AI assets. |
| Visual Authoring Canvas | A drag-and-drop interface for mapping workflows, streamlining agent discovery and project scaffolding. |
| MCP Bridge | Enables existing APIs to be agent-ready, enhancing security and rate-limiting without code changes. |
| Trusted Agent Identity | Allows agents to perform actions with specific user permissions, ensuring verification for high-stakes tasks. |
| LLM Governance on AI Gateway | Standardizes token management and compliance across multi-LLM stacks, ensuring data safety and budget control. |
You use trusted agent identity to verify agents before they perform sensitive actions. You also use governance tools to monitor agent behavior and prevent model drift.
Assistive vs. Autonomous Agents
You must understand the difference between assistive and autonomous agents. The table below compares their characteristics and impact:
| Type of Agent | Characteristics | Impact on Security Operations |
|---|---|---|
| Autonomous Agents | Execute tasks independently, handle complex workflows without human intervention | Enhance efficiency and effectiveness in security operations, capable of making risk-based decisions autonomously. |
| Assistive Agents | Require human oversight, designed to augment human actions | Introduce limitations in scalability and decision-making speed, dependent on human input for actions. |
You use assistive agents when you need human oversight. You deploy autonomous agents for tasks that require speed and scale. You balance both types to match your risk tolerance and compliance needs.
Interoperability
Standard Protocols
You ensure interoperability by adopting widely used protocols. The agent fabric supports standards like MCP and A2A, which are under Linux Foundation governance. MCP reached 97 million monthly SDK downloads in its first year. A2A grew from 50 to over 150 supporting organizations in less than a year. These standards help you connect agents across different platforms and vendors.
The AI Agent Standards Initiative, launched by NIST, focuses on secure and interoperable AI agents. This program sets guidelines for agent communication, authentication, and security. You benefit from these standards by reducing integration complexity and improving reliability.
Compatibility Testing
You must test agent compatibility before deploying at scale. You validate that each agent works with your existing systems and follows your identity and authentication policies. You check that agents can communicate using standard protocols. You also test for data quality and decision traceability to prevent errors.
You use Microsoft Fabric tools to automate compatibility testing and monitor agent health. You document test results and update your agent registry with compatibility status. This process ensures your agent fabric remains resilient and secure as you add new agents and AI skills.
Tip: Regular compatibility testing helps you avoid shadow agents and maintain visibility across your environment.
You build a security agent fabric that adapts to new platforms, supports advanced AI skills, and enforces strong identity controls. You combine automation, governance, and interoperability to create a modern defense that keeps your organization secure.
Monitoring and Managing Security Agent Fabric

Real-Time Monitoring
You must keep a close watch on your security agent fabric to maintain strong security. Real-time monitoring gives you instant visibility into agent activity and system health. You can choose between agent-based and agentless monitoring. Each method offers unique benefits.
| Monitoring Type | Key Features |
|---|---|
| Agents | Deployed once on each server to monitor all databases on that server; does not require native logging or reconfiguration of databases; minimal server performance impact; proactive blocking supported; simple agent upgrades |
| Agentless | Ideal for DBaaS, AWS, Azure data repositories; leverages cloud-native monitoring APIs; negligible cloud performance impact; near real-time blocking supported; no upgrades needed |
You gain visibility into transactions involving sensitive data. This helps you meet regulatory standards like SOX, PCI, and HIPAA. You can also track and analyze questionable activities for data forensics.
Alerting and Incident Response
You set up alerting to notify you of suspicious agent actions. When an agent detects a threat, it sends an alert to your team. You respond quickly to incidents, reducing risk. Dynamic profiling technology can help you by automatically analyzing traffic and updating agent profiles. This makes it easier to spot malicious behavior without manual work.
Performance Metrics
You measure the effectiveness of your agent fabric using clear metrics. These metrics help you spot issues and improve your system.
| Metric | Description |
|---|---|
| Prompt injection attempts | Frequency of user attempts to manipulate the agent |
| Data leakage incidents | Instances where sensitive information is exposed |
| Unauthorized action attempts | Occurrences of the agent exceeding its permissions |
| Model poisoning risk | Risk of contamination in training data |
You use these metrics to ensure your AI skills and identity controls work as intended. You also check that your zero trust policies remain effective.
Maintenance and Upgrades
Patch Management
You keep your agents up to date with regular patch management. This protects your environment from new threats. You follow best practices such as flattening nested columns before configuring agents and adding clear descriptions for data fields. You make sure each agent uses the latest AI skills and identity protocols.
Agent Health Checks
You run health checks to confirm that every agent works as expected. You check ingestion times, identify unique business objects, and review agent queries. You use quantifiable conditions and separate rules for clarity. You list higher-priority rules first to guide agent actions. You track agent data access to validate performance and trust.
Continuous Improvement
Feedback Loops
You create feedback loops to collect and analyze data from your agent fabric. This process helps you make better decisions and improve your AI skills. Efficient feedback loops let you adapt quickly to new threats and market needs.
- You gather feedback from agent actions.
- You review outcomes and adjust skills or policies.
- You evolve your security agent fabric to stay ahead of attackers.
Threat Intelligence
You use threat intelligence to turn fragmented data into actionable insights. This strengthens your security posture and helps you detect threats before they cause harm. Your AI-driven agents use threat intelligence to investigate incidents, engineer new detection methods, and respond to attacks. You orchestrate complex security tasks with the help of Microsoft Fabric and identity fabric.
Tip: Continuous improvement builds trust in your security agent fabric. You combine AI skills, identity, and zero trust to create a resilient defense.
Overcoming Challenges in Agent Fabric
Scalability and Integration
Bottlenecks and Solutions
You may face several challenges when you scale your agent fabric. Many organizations struggle with legacy integration issues. For example, you might have an old order management system that does not work well with new agents. This can happen if your environment uses outdated integration tools or architectures. You may also find that some agents were not built with governance in mind. When you try to add new governance policies, these agents can break or lose access. Performance impacts can also slow you down. Translation services that connect modern and legacy systems often create bottlenecks. These can lead to failed integrations because of rate limits or authentication problems.
To overcome these challenges, you should:
- Map your current integration points and identify legacy systems early.
- Use AI skills to automate translation and reduce manual work.
- Test agent performance under real-world conditions.
- Update governance policies to support both new and existing agents.
- Monitor for bottlenecks and adjust workflows as needed.
Legacy System Compatibility
Legacy systems can create risks for your agent fabric. You need to ensure that every agent can communicate with older platforms without exposing security risks. You should use identity controls to manage access and prevent unauthorized actions. You can also use AI skills to bridge gaps between old and new systems. This approach helps you maintain a strong AI security posture management strategy.
Management Overhead
Automation Tools
Managing many agents can become overwhelming. Automation tools help you reduce this burden. You can use automated scoring to filter out false positives and highlight real threats. Automated analysis of email headers, URLs, and attachments speeds up phishing response. Automated investigation workflows and containment actions cut down incident response time. Automated lookup of indicators of compromise gives you instant context. You can also automate the collection and formatting of security metrics for compliance reporting.
Here are some real-world results:
- High Wire Networks reduced their monthly alert focus from 144,000 to about 200 actionable cases.
- A fashion retailer cut phishing resolution time from one week to just one or two minutes.
- Organizations can reach detection-to-containment times under 20 minutes by combining AI investigation with automated response.
You should use these tools to free up your team and focus on higher-value skills.
Security and Privacy
Data Protection Strategies
Protecting sensitive data is critical in any agent fabric. You can use Microsoft Purview to identify and protect sensitive data across your environment. Sensitivity labels help you classify data for compliance. Purview Data Loss Prevention (DLP) policies can automatically detect and manage sensitive information. You should regulate access through workspace roles and data-level controls. Auditing with Purview Audit lets you track user activities and ensure compliance.
You need to:
- Protect sensitive data from both external and internal threats.
- Ensure compliance with privacy laws and regulations.
- Gain visibility into security risks and threats.
- Support digital transformation while keeping your environment secure.
- Automate security processes to meet standards like HIPAA and GDPR.
By combining identity controls, AI skills, and strong governance, you can build a resilient agent fabric that adapts to new risks and supports your business goals.
Best Practices for Security Agent Fabric
Design Principles
Modular Architecture
You build a strong security agent fabric when you use modular architecture. This approach lets you add new AI skills and agents without disrupting your existing environment. You can scale your system as your needs grow. Each module operates independently, so you can update or replace parts without affecting the whole fabric. Modular design also helps you manage identity controls for each agent. You gain flexibility and reduce complexity. When you use modular architecture, you support rapid innovation and keep your security posture strong.
Least Privilege Access
You protect your environment by following the principle of least privilege. You limit each agent’s access to only the tools and functions it needs. This reduces the risk of unauthorized actions. You set clear boundaries for agent autonomy. You use technical guardrails to enforce these boundaries at runtime. You build trust in your agent fabric by making sure agents cannot exceed their permissions. You also use identity controls to verify every action. This practice keeps your AI skills safe and ensures compliance with your governance framework.
Tip: Always review agent permissions and update them as your AI skills evolve. This keeps your security agent fabric resilient.
Operational Guidelines
Documentation
You maintain clear documentation for every agent and AI skill in your fabric. You record agent identities, roles, and permissions. You track changes and updates. Good documentation helps you troubleshoot issues quickly. You also use documentation to train new team members. When you document your agent fabric, you create a reliable reference for audits and compliance checks.
Training and Awareness
You invest in training and awareness to keep your team ready. You teach your staff how to use AI skills and manage agent identities. You run workshops and simulations to build practical skills. You update training materials as new threats emerge. When your team understands the agent fabric, you improve response times and reduce mistakes. You also build trust in your security operations.
| Training Focus | Benefit |
|---|---|
| AI Skills | Faster threat detection |
| Identity Controls | Stronger access management |
| Documentation | Easier troubleshooting |
Future-Proofing
Adapting to New Threats
You future-proof your security agent fabric by adapting to new threats. You monitor the threat landscape and update your AI skills regularly. You use Microsoft tools to automate updates and patch vulnerabilities. You review agent identities and permissions to stay ahead of attackers. You test your fabric against emerging risks. You build a feedback loop to learn from incidents and improve your skills. When you adapt quickly, you keep your organization secure and maintain trust in your agent fabric.
Note: Continuous improvement and regular updates help you stay resilient in a changing environment.
You build a strong security agent fabric by combining modular architecture, robust identity controls, and continuous monitoring. When you add AI skills, you empower agents to automate tasks and respond to threats quickly. The table below shows how agentic defense and autonomous orchestration improve your operations:
| Benefit | Description |
|---|---|
| Autonomous Remediation of Threats | Agents use AI to identify and stop threats in real time. |
| Managing Alert Fatigue | Skills help you focus on critical alerts and reduce analyst workload. |
| Enhancing Operational Efficiency | Agents automate routine skills, so you can analyze complex threats faster. |
- New governance models help you manage risks and improve results.
- You need to bring together IT, risk, and AI specialists to build trust.
- A centralized orchestration layer from Microsoft supports ongoing improvement.
You should review your current security posture and start planning your agent fabric journey today.
FAQ
What is a security agent fabric?
A security agent fabric is a network of connected, AI-powered agents. These agents work together to automate security tasks, enforce policies, and respond to threats. You gain faster detection, better coverage, and less manual work for your security team.
How do you start building a security agent fabric?
You begin by mapping your organization’s needs. Next, you deploy agents with strong identity controls. You integrate these agents with your existing systems. You set clear policies and monitor agent actions to ensure compliance and trust.
Why is identity control important in agent fabric?
Identity control lets you verify every agent and action. You use it to enforce zero trust. This approach prevents unauthorized access and keeps your environment secure. You also gain clear audit trails for compliance.
Can you use both assistive and autonomous agents?
Yes, you can. You use assistive agents when you want human oversight. You deploy autonomous agents for tasks that need speed and scale. You balance both types to match your risk tolerance and compliance needs.
How do you keep your agent fabric secure?
You use least privilege access, strong identity controls, and regular monitoring. You update agents with the latest patches. You also use tools like Microsoft Purview to protect sensitive data and enforce compliance.
What are the main benefits of agentic defense?
You reduce alert fatigue and manual work. You improve detection speed and accuracy. You let your analysts focus on high-value tasks. You also build a more resilient and adaptive security posture.
How do you handle updates and new threats?
You automate patch management and regularly review agent permissions. You monitor the threat landscape and update AI skills as needed. You use feedback loops to learn from incidents and improve your agent fabric.
Do you need special training to manage a security agent fabric?
Yes, you do. You train your team on AI skills, agent identity, and documentation. You run workshops and simulations. This training helps your team respond quickly and maintain trust in your security operations.
1
00:00:00,000 --> 00:00:02,280
Your SOC analyst isn't a security expert.
2
00:00:02,280 --> 00:00:04,600
They're a data entry clerk with a security title.
3
00:00:04,600 --> 00:00:07,040
They open tickets, they read alerts, they fill out forms,
4
00:00:07,040 --> 00:00:08,040
and they close tickets.
5
00:00:08,040 --> 00:00:09,480
That is the job.
6
00:00:09,480 --> 00:00:12,680
And we wonder why 64% of them spend half their day
7
00:00:12,680 --> 00:00:14,360
on tedious repetitive tasks.
8
00:00:14,360 --> 00:00:15,720
That isn't a staffing problem.
9
00:00:15,720 --> 00:00:17,440
It isn't even a complexity problem.
10
00:00:17,440 --> 00:00:18,880
It's a system design problem.
11
00:00:18,880 --> 00:00:20,600
We've been measuring the wrong thing for years
12
00:00:20,600 --> 00:00:23,480
because we obsess over MTTR, mean time to respond.
13
00:00:23,480 --> 00:00:24,760
How fast can we close a ticket?
14
00:00:24,760 --> 00:00:26,160
But MTTR is a lie.
15
00:00:26,160 --> 00:00:27,800
A ticket can be closed in five minutes
16
00:00:27,800 --> 00:00:29,440
if nobody actually investigates it.
17
00:00:29,440 --> 00:00:31,360
And we've built systems that optimize for speed
18
00:00:31,360 --> 00:00:32,680
instead of removing risk.
19
00:00:32,680 --> 00:00:34,320
Then we stacked more tools on top,
20
00:00:34,320 --> 00:00:35,880
hoping more automation would fix it.
21
00:00:35,880 --> 00:00:37,680
Instead, we just created more noise.
22
00:00:37,680 --> 00:00:39,400
The real issue is that we made the human,
23
00:00:39,400 --> 00:00:40,800
the orchestration bus.
24
00:00:40,800 --> 00:00:43,320
Every decision flows through a human click.
25
00:00:43,320 --> 00:00:45,840
The human is the traffic cop directing alerts, data,
26
00:00:45,840 --> 00:00:47,120
tools, and decisions.
27
00:00:47,120 --> 00:00:48,760
And we're wondering why they're burned out.
28
00:00:48,760 --> 00:00:50,720
Agentic defense isn't about replacing humans
29
00:00:50,720 --> 00:00:51,760
with smarter chatbots.
30
00:00:51,760 --> 00:00:53,200
It's about removing humans from the middle
31
00:00:53,200 --> 00:00:54,520
of every single workflow.
32
00:00:54,520 --> 00:00:56,760
It's about letting machines orchestrate machines
33
00:00:56,760 --> 00:00:59,400
while humans make the decisions that actually matter.
34
00:00:59,400 --> 00:01:02,160
Why alert fatigue is actually a systems problem?
35
00:01:02,160 --> 00:01:03,880
Alert volume has exploded.
36
00:01:03,880 --> 00:01:06,880
Cloud environments generate 10 times more security signals
37
00:01:06,880 --> 00:01:08,160
than traditional networks.
38
00:01:08,160 --> 00:01:11,280
Multi-cloud, hybrid, containerized.
39
00:01:11,280 --> 00:01:13,640
Every infrastructure layer now produces alerts,
40
00:01:13,640 --> 00:01:15,600
but analyst capacity hasn't moved.
41
00:01:15,600 --> 00:01:17,560
A human can still only do one thing at a time.
42
00:01:17,560 --> 00:01:18,520
So what happens?
43
00:01:18,520 --> 00:01:21,440
Traditional SOCs investigate maybe 60% of alerts,
44
00:01:21,440 --> 00:01:22,800
40% never get looked at.
45
00:01:22,800 --> 00:01:23,640
And here's the thing.
46
00:01:23,640 --> 00:01:25,920
It's not because analysts are lazy or incompetent.
47
00:01:25,920 --> 00:01:27,480
It's not because they don't care.
48
00:01:27,480 --> 00:01:28,800
It's because the model is broken.
49
00:01:28,800 --> 00:01:30,720
The human middleware architecture forces
50
00:01:30,720 --> 00:01:33,560
every decision through a human click. An alert comes in.
51
00:01:33,560 --> 00:01:35,880
And a human has to triage it, is it real or noise?
52
00:01:35,880 --> 00:01:37,160
Then they have to enrich it.
53
00:01:37,160 --> 00:01:38,000
What IP is that?
54
00:01:38,000 --> 00:01:38,840
What file hash?
55
00:01:38,840 --> 00:01:40,120
What user context?
56
00:01:40,120 --> 00:01:41,400
Then they have to correlate it.
57
00:01:41,400 --> 00:01:43,600
Is this connected to that alert from yesterday?
58
00:01:43,600 --> 00:01:47,000
Then they make a decision, escalate or close.
59
00:01:47,000 --> 00:01:49,600
Every step requires human thought, human time,
60
00:01:49,600 --> 00:01:50,520
and human judgment.
61
00:01:50,520 --> 00:01:52,680
Now multiply that by 10,000 alerts a day.
62
00:01:52,680 --> 00:01:53,600
You can't do it.
63
00:01:53,600 --> 00:01:54,640
Nobody can do it.
64
00:01:54,640 --> 00:01:56,520
False positives are the actual killer.
65
00:01:56,520 --> 00:01:58,880
People talk about alert fatigue as if it's just an annoyance.
66
00:01:58,880 --> 00:01:59,680
It's not.
67
00:01:59,680 --> 00:02:01,280
False positives are time theft.
68
00:02:01,280 --> 00:02:03,520
Each one wastes five minutes of investigation.
69
00:02:03,520 --> 00:02:05,920
Each one delays the response to a real threat.
70
00:02:05,920 --> 00:02:07,880
And each one erodes trust in the system.
71
00:02:07,880 --> 00:02:11,160
71% of SOC analysts report burnout.
72
00:02:11,160 --> 00:02:14,320
64% are considering leaving their job within a year.
73
00:02:14,320 --> 00:02:16,640
And we keep hiring the same people to do the same broken
74
00:02:16,640 --> 00:02:17,320
process.
75
00:02:17,320 --> 00:02:18,560
We wonder why they're exhausted.
76
00:02:18,560 --> 00:02:20,360
The problem isn't that the tools are bad.
77
00:02:20,360 --> 00:02:21,800
Microsoft Defender is good.
78
00:02:21,800 --> 00:02:22,960
Sentinel is good.
79
00:02:22,960 --> 00:02:23,960
Entra is good.
80
00:02:23,960 --> 00:02:25,720
The problem is how we're using them.
81
00:02:25,720 --> 00:02:27,840
We stack them on top of the human middleware model.
82
00:02:27,840 --> 00:02:30,280
So now an analyst is juggling five different platforms,
83
00:02:30,280 --> 00:02:32,320
running manual enrichment across each one.
84
00:02:32,320 --> 00:02:35,280
And trying to piece together a story from fragmented data,
85
00:02:35,280 --> 00:02:36,880
they do all of this under time pressure
86
00:02:36,880 --> 00:02:40,200
with a queue of thousands of uninvestigated alerts behind them.
87
00:02:40,200 --> 00:02:41,600
The root cause isn't complexity.
88
00:02:41,600 --> 00:02:44,320
Complexity is just noise on top of the real problem.
89
00:02:44,320 --> 00:02:46,560
The root cause is that we automated the wrong layer.
90
00:02:46,560 --> 00:02:47,960
We automated the easy stuff.
91
00:02:47,960 --> 00:02:51,120
Data collection, log ingestion, alert generation.
92
00:02:51,120 --> 00:02:52,200
All that worked.
93
00:02:52,200 --> 00:02:53,920
And we generated more alerts.
94
00:02:53,920 --> 00:02:55,720
But we never automated the decision layer.
95
00:02:55,720 --> 00:02:57,400
We never automated the reasoning.
96
00:02:57,400 --> 00:02:58,800
We never automated the judgment.
97
00:02:58,800 --> 00:03:00,760
So we kept asking humans to do more and more
98
00:03:00,760 --> 00:03:01,960
with the same cognitive capacity.
99
00:03:01,960 --> 00:03:02,840
That's not sustainable.
100
00:03:02,840 --> 00:03:04,160
It's never been sustainable.
101
00:03:04,160 --> 00:03:06,320
And that's why burnout is the metric that actually
102
00:03:06,320 --> 00:03:08,240
predicts security failure.
103
00:03:08,240 --> 00:03:09,760
Human middleware creates a bottleneck
104
00:03:09,760 --> 00:03:11,360
that no amount of hiring can fix.
105
00:03:11,360 --> 00:03:13,520
Because even if you hire more analysts, they're still
106
00:03:13,520 --> 00:03:13,800
human.
107
00:03:13,800 --> 00:03:14,800
They still get tired.
108
00:03:14,800 --> 00:03:15,800
They still miss things.
109
00:03:15,800 --> 00:03:17,640
They still make judgment errors.
110
00:03:17,640 --> 00:03:19,320
So you're not actually scaling security.
111
00:03:19,320 --> 00:03:20,600
You're scaling burnout.
112
00:03:20,600 --> 00:03:21,960
And the attackers know it.
113
00:03:21,960 --> 00:03:24,680
They know that a human can only process so many signals
114
00:03:24,680 --> 00:03:25,800
before they give up.
115
00:03:25,800 --> 00:03:27,960
Agentic defense flips this model upside down.
116
00:03:27,960 --> 00:03:30,440
Instead of making the human the orchestration bus.
117
00:03:30,440 --> 00:03:32,040
You make the agent the orchestration bus.
118
00:03:32,040 --> 00:03:33,240
The agent ingests alerts.
119
00:03:33,240 --> 00:03:34,400
The agent enriches data.
120
00:03:34,400 --> 00:03:35,920
The agent correlates signals.
121
00:03:35,920 --> 00:03:37,600
The agent reasons about what's happening.
122
00:03:37,600 --> 00:03:40,240
The agent makes low risk decisions autonomously.
123
00:03:40,240 --> 00:03:41,880
And the human supervises the agent.
124
00:03:41,880 --> 00:03:43,440
The human provides feedback.
125
00:03:43,440 --> 00:03:44,920
The human handles the edge cases.
126
00:03:44,920 --> 00:03:46,920
The human makes the high stakes calls.
127
00:03:46,920 --> 00:03:49,400
That's a fundamentally different system.
128
00:03:49,400 --> 00:03:50,320
The metrics trap.
129
00:03:50,320 --> 00:03:52,760
Why MTTR isn't measuring what matters?
130
00:03:52,760 --> 00:03:54,320
MTTR is a destructive metric.
131
00:03:54,320 --> 00:03:55,320
It isn't just incomplete.
132
00:03:55,320 --> 00:03:57,240
It's actively working against what you actually
133
00:03:57,240 --> 00:03:58,320
need to achieve.
134
00:03:58,320 --> 00:04:00,720
MTTR measures how fast you close a ticket.
135
00:04:00,720 --> 00:04:01,360
That's it.
136
00:04:01,360 --> 00:04:03,080
It doesn't track whether you found anything
137
00:04:03,080 --> 00:04:05,000
or if you actually stopped the attacker.
138
00:04:05,000 --> 00:04:07,440
It just measures how quickly you hit the close button.
139
00:04:07,440 --> 00:04:08,520
But here's the problem.
140
00:04:08,520 --> 00:04:11,040
When you optimize for a metric that doesn't match reality,
141
00:04:11,040 --> 00:04:12,720
you optimize for the wrong thing.
142
00:04:12,720 --> 00:04:14,560
An analyst can close a ticket in 10 minutes
143
00:04:14,560 --> 00:04:16,160
by doing a surface-level check.
144
00:04:16,160 --> 00:04:17,480
They run a quick reputation look-up,
145
00:04:17,480 --> 00:04:19,160
see no obvious hits, and then they close it.
146
00:04:19,160 --> 00:04:21,520
The ticket is gone and the MTTR looks great.
147
00:04:21,520 --> 00:04:23,000
But what if that analyst missed something?
148
00:04:23,000 --> 00:04:25,040
What if the malicious activity was subtle and required
149
00:04:25,040 --> 00:04:27,200
correlation across three different data sources
150
00:04:27,200 --> 00:04:28,600
to understand what was happening?
151
00:04:28,600 --> 00:04:29,400
It doesn't matter.
152
00:04:29,400 --> 00:04:30,520
The ticket is closed.
153
00:04:30,520 --> 00:04:31,760
The MTTR looks good.
154
00:04:31,760 --> 00:04:33,400
The problem stays in your network.
155
00:04:33,400 --> 00:04:34,760
This is why gaming happens.
156
00:04:34,760 --> 00:04:37,440
It isn't because analysts are trying to cheat the system.
157
00:04:37,440 --> 00:04:40,000
They're just trying to survive under an impossible metric.
158
00:04:40,000 --> 00:04:42,040
They're being measured on speed instead of accuracy.
159
00:04:42,040 --> 00:04:44,520
They're being measured on throughput instead of outcomes.
160
00:04:44,520 --> 00:04:46,080
So they optimize for throughput.
161
00:04:46,080 --> 00:04:48,760
And the attacker stays in your environment undetected.
162
00:04:48,760 --> 00:04:50,720
The real metric that matters is dwell time.
163
00:04:50,720 --> 00:04:53,000
How long does an attacker stay inside your environment
164
00:04:53,000 --> 00:04:54,280
before you catch them?
165
00:04:54,280 --> 00:04:57,880
That determines whether a breach costs you $10,000 or $10 million.
166
00:04:57,880 --> 00:05:00,400
Every day an attacker stays undetected is another day
167
00:05:00,400 --> 00:05:02,600
they can move laterally, escalate privileges
168
00:05:02,600 --> 00:05:03,920
and exfiltrate data.
169
00:05:03,920 --> 00:05:05,000
Every day matters.
170
00:05:05,000 --> 00:05:06,880
And MTTR tells you nothing about dwell time.
171
00:05:06,880 --> 00:05:08,840
You could have an MTTR of 30 minutes
172
00:05:08,840 --> 00:05:10,160
and a dwell time of six months.
173
00:05:10,160 --> 00:05:13,480
You could have an MTTR of two hours and a dwell time of four hours.
174
00:05:13,480 --> 00:05:16,000
The metric is completely separate from what actually matters.
175
00:05:16,000 --> 00:05:17,840
Organizations using agentic defense
176
00:05:17,840 --> 00:05:21,240
are reporting 40 to 60% reductions in dwell time.
177
00:05:21,240 --> 00:05:23,440
They aren't doing this by closing tickets faster.
178
00:05:23,440 --> 00:05:25,160
They're doing it by catching threats faster.
179
00:05:25,160 --> 00:05:26,440
They investigate more thoroughly
180
00:05:26,440 --> 00:05:29,240
because they aren't rushing to hit their MTTR numbers.
181
00:05:29,240 --> 00:05:30,400
The shift here is profound.
182
00:05:30,400 --> 00:05:32,280
Traditional SOC metrics reward throughput.
183
00:05:32,280 --> 00:05:34,240
How many alerts can we process per hour?
184
00:05:34,240 --> 00:05:36,080
How many tickets can we close per shift?
185
00:05:36,080 --> 00:05:38,000
Agentic defense rewards outcomes.
186
00:05:38,000 --> 00:05:39,240
How much risk did we remove?
187
00:05:39,240 --> 00:05:40,920
How many actual threats did we stop?
188
00:05:40,920 --> 00:05:42,600
How many breaches did we prevent?
189
00:05:42,600 --> 00:05:44,400
Think about what that means for your team.
190
00:05:44,400 --> 00:05:46,160
If you're measuring tickets per hour,
191
00:05:46,160 --> 00:05:48,840
you want to move them through the queue as fast as possible.
192
00:05:48,840 --> 00:05:51,040
But if you're measuring risk removed per hour,
193
00:05:51,040 --> 00:05:52,720
you want to investigate more thoroughly.
194
00:05:52,720 --> 00:05:54,680
You want to understand what's actually happening.
195
00:05:54,680 --> 00:05:56,280
You want to catch the stuff that matters,
196
00:05:56,280 --> 00:05:58,640
even if it means spending more time on fewer tickets.
197
00:05:58,640 --> 00:06:02,040
This is where true positive rate becomes the real productivity metric,
198
00:06:02,040 --> 00:06:05,560
not alert volume, not ticket velocity, true positives per minute.
199
00:06:05,560 --> 00:06:07,720
How many actual malicious events are you catching
200
00:06:07,720 --> 00:06:09,880
for every unit of analyst effort?
201
00:06:09,880 --> 00:06:11,000
That's the number that predicts
202
00:06:11,000 --> 00:06:12,800
whether you're actually defending anything.
203
00:06:12,800 --> 00:06:14,040
Here's the hard truth.
204
00:06:14,040 --> 00:06:16,240
You can have the fastest MTTR in the industry
205
00:06:16,240 --> 00:06:17,720
and still be getting breached.
206
00:06:17,720 --> 00:06:19,680
You've built a system that's great at closing tickets
207
00:06:19,680 --> 00:06:21,040
and terrible at catching threats.
208
00:06:21,040 --> 00:06:23,120
Agentic defense forces you to flip that.
209
00:06:23,120 --> 00:06:26,080
When a machine handles the triage, enrichment, and correlation,
210
00:06:26,080 --> 00:06:27,400
speed becomes cheap.
211
00:06:27,400 --> 00:06:29,240
What becomes expensive is accuracy.
212
00:06:29,240 --> 00:06:31,280
What becomes precious is the human time spent
213
00:06:31,280 --> 00:06:33,080
on the stuff that actually matters.
214
00:06:33,080 --> 00:06:35,360
The assistant to agent spectrum.
215
00:06:35,360 --> 00:06:37,760
When Microsoft first released Security Copilot,
216
00:06:37,760 --> 00:06:38,760
it was a chatbot.
217
00:06:38,760 --> 00:06:40,200
You asked it a question and it answered it.
218
00:06:40,200 --> 00:06:42,760
You asked it to summarize an incident and it summarized.
219
00:06:42,760 --> 00:06:44,000
It was a tool you talked to.
220
00:06:44,000 --> 00:06:44,920
That's still useful.
221
00:06:44,920 --> 00:06:46,880
There are cases where having an AI assistant
222
00:06:46,880 --> 00:06:48,520
to interrogate is valuable.
223
00:06:48,520 --> 00:06:50,160
But it's not what scales your defense.
224
00:06:50,160 --> 00:06:51,920
The evolution from assistant to agent
225
00:06:51,920 --> 00:06:53,360
isn't just a software update.
226
00:06:53,360 --> 00:06:55,840
It's a fundamental shift in how the system operates
227
00:06:55,840 --> 00:06:56,760
and it's not binary.
228
00:06:56,760 --> 00:06:57,680
It's a spectrum.
229
00:06:57,680 --> 00:06:59,920
Understanding where you are on that spectrum
230
00:06:59,920 --> 00:07:01,840
is the architecture question that determines
231
00:07:01,840 --> 00:07:04,360
whether agentic defense actually works for you.
232
00:07:04,360 --> 00:07:05,840
At the assistive end of the spectrum,
233
00:07:05,840 --> 00:07:07,480
the AI suggests next steps.
234
00:07:07,480 --> 00:07:09,720
You get an alert and the assistant enriches it.
235
00:07:09,720 --> 00:07:13,080
It pulls context and proposes three possible interpretations.
236
00:07:13,080 --> 00:07:14,840
You look at those options, pick one,
237
00:07:14,840 --> 00:07:16,520
and then you approve the recommendation.
238
00:07:16,520 --> 00:07:18,240
The human is still making every decision.
239
00:07:18,240 --> 00:07:19,880
The AI is just doing the legwork faster
240
00:07:19,880 --> 00:07:21,480
than a human could do it manually.
241
00:07:21,480 --> 00:07:23,080
This accelerates investigation,
242
00:07:23,080 --> 00:07:25,640
but the bottleneck is still the human approval loop.
243
00:07:25,640 --> 00:07:27,160
If you have thousands of alerts
244
00:07:27,160 --> 00:07:28,720
and each one requires human judgment,
245
00:07:28,720 --> 00:07:30,480
you haven't solved the scaling problem.
246
00:07:30,480 --> 00:07:33,520
Move one step further and you get semi-autonomous agents.
247
00:07:33,520 --> 00:07:35,200
The agent executes low-risk actions
248
00:07:35,200 --> 00:07:36,520
without waiting for approval.
249
00:07:36,520 --> 00:07:38,480
If it sees a user-reported phishing email
250
00:07:38,480 --> 00:07:41,240
with clear malicious indicators, it quarantines it.
251
00:07:41,240 --> 00:07:42,760
No human approval needed.
252
00:07:42,760 --> 00:07:45,160
But if it sees an EDR alert with mixed signals,
253
00:07:45,160 --> 00:07:47,200
it holds that one and waits for human judgment.
254
00:07:47,200 --> 00:07:49,240
The agent has learned the boundary between
255
00:07:49,240 --> 00:07:51,760
what it can handle safely and what needs a human.
256
00:07:51,760 --> 00:07:54,120
That's the sweet spot for most organizations right now.
257
00:07:54,120 --> 00:07:55,560
The agent does the obvious stuff
258
00:07:55,560 --> 00:07:57,520
and humans handle the ambiguous cases.
259
00:07:57,520 --> 00:08:00,080
Go further and you reach fully autonomous agents.
260
00:08:00,080 --> 00:08:02,640
The agent runs the entire workflow within guardrails.
261
00:08:02,640 --> 00:08:04,920
It ingests an alert, enriches it, correlates it,
262
00:08:04,920 --> 00:08:05,960
and makes a decision.
263
00:08:05,960 --> 00:08:08,040
It executes a response and logs everything.
264
00:08:08,040 --> 00:08:09,720
Humans see what happened afterward.
265
00:08:09,720 --> 00:08:11,720
They can override or provide feedback.
266
00:08:11,720 --> 00:08:13,600
But the default is that the agent operates
267
00:08:13,600 --> 00:08:14,960
without waiting for approval.
268
00:08:14,960 --> 00:08:17,480
This is where you get dramatic MTTR improvements.
269
00:08:17,480 --> 00:08:18,960
The agent doesn't have to wait for a human
270
00:08:18,960 --> 00:08:20,200
to read an email or make a call.
271
00:08:20,200 --> 00:08:21,800
It just does all of it immediately.
272
00:08:21,800 --> 00:08:24,560
The psychological shift between these levels is huge.
273
00:08:24,560 --> 00:08:26,720
When you're using an assistant, it's still a tool.
274
00:08:26,720 --> 00:08:28,720
You're talking to it and you're directing it.
275
00:08:28,720 --> 00:08:31,720
When you move to semi-autonomous agents, something changes.
276
00:08:31,720 --> 00:08:33,040
You're no longer using a tool.
277
00:08:33,040 --> 00:08:34,280
You're supervising a worker.
278
00:08:34,280 --> 00:08:36,760
With a tool, you feel responsible for every decision.
279
00:08:36,760 --> 00:08:38,680
With a supervised worker, you're responsible
280
00:08:38,680 --> 00:08:39,880
for the system's decisions.
281
00:08:39,880 --> 00:08:42,520
But the worker is responsible for executing them properly.
282
00:08:42,520 --> 00:08:43,800
That's a different model.
283
00:08:43,800 --> 00:08:45,920
Most organizations are still in the assistive phase.
284
00:08:45,920 --> 00:08:47,400
They've deployed Copilot and people
285
00:08:47,400 --> 00:08:48,520
are getting value from it.
286
00:08:48,520 --> 00:08:50,840
But the agent isn't making autonomous decisions yet.
287
00:08:50,840 --> 00:08:52,480
There's still a human click required.
288
00:08:52,480 --> 00:08:53,920
That's fine as a starting point.
289
00:08:53,920 --> 00:08:55,560
But the organizations that are pulling away
290
00:08:55,560 --> 00:08:57,280
are moving into semi-autonomous territory.
291
00:08:57,280 --> 00:08:59,280
They're letting the agent handle the obvious cases.
292
00:08:59,280 --> 00:09:01,880
They're freeing up analyst time for the stuff that matters.
293
00:09:01,880 --> 00:09:04,600
The path to autonomy isn't about flipping a switch.
294
00:09:04,600 --> 00:09:05,960
It's about confidence.
295
00:09:05,960 --> 00:09:08,240
You build confidence through feedback loops.
296
00:09:08,240 --> 00:09:10,440
You deploy an agent to suggest actions
297
00:09:10,440 --> 00:09:11,600
and you watch what it does.
298
00:09:11,600 --> 00:09:14,160
You override it when it's wrong and the agent learns.
299
00:09:14,160 --> 00:09:16,200
Over time, its accuracy improves
300
00:09:16,200 --> 00:09:17,880
and your override rate drops.
301
00:09:17,880 --> 00:09:19,440
At some point, you realize you're only
302
00:09:19,440 --> 00:09:21,360
overriding 5% of its decisions.
303
00:09:21,360 --> 00:09:24,520
That's when you can flip it to semi-autonomous.
304
00:09:24,520 --> 00:09:27,040
Let it execute those cases without waiting for you.
305
00:09:27,040 --> 00:09:29,000
Different tasks reach different autonomy levels
306
00:09:29,000 --> 00:09:30,160
at different times.
307
00:09:30,160 --> 00:09:32,840
Phishing triage can reach full autonomy quickly
308
00:09:32,840 --> 00:09:34,240
because the signal is clear
309
00:09:34,240 --> 00:09:36,200
and the cost of a mistake is manageable.
310
00:09:36,200 --> 00:09:39,440
Identity policy changes might stay semi-autonomous much longer
311
00:09:39,440 --> 00:09:41,280
because the business impact is higher.
312
00:09:41,280 --> 00:09:42,800
The spectrum gives you flexibility.
313
00:09:42,800 --> 00:09:45,440
You aren't choosing between all manual or fully autonomous.
314
00:09:45,440 --> 00:09:47,640
You're choosing how much autonomy is appropriate
315
00:09:47,640 --> 00:09:49,920
for each workflow based on your confidence
316
00:09:49,920 --> 00:09:51,360
and your risk tolerance.
317
00:09:51,360 --> 00:09:54,360
The phishing triage agent: solving the noise problem.
318
00:09:54,360 --> 00:09:55,480
Let's make this concrete.
319
00:09:55,480 --> 00:09:56,600
We need to talk about phishing.
320
00:09:56,600 --> 00:09:58,680
It is the first place where agentic defense
321
00:09:58,680 --> 00:10:00,200
actually works at scale.
322
00:10:00,200 --> 00:10:03,640
And it is the clearest example of how autonomy looks in practice.
323
00:10:03,640 --> 00:10:05,520
User-reported phishing queues are noisy.
324
00:10:05,520 --> 00:10:07,080
They are catastrophically noisy.
325
00:10:07,080 --> 00:10:11,160
We are talking about 90% false positives, not 85, 90.
326
00:10:11,160 --> 00:10:13,640
Someone gets a marketing email that looks a bit weird
327
00:10:13,640 --> 00:10:15,040
so they hit the report button.
328
00:10:15,040 --> 00:10:16,760
The analyst queue grows by one.
329
00:10:16,760 --> 00:10:18,880
Someone gets a legitimate notification from a vendor
330
00:10:18,880 --> 00:10:20,440
that uses unfamiliar formatting
331
00:10:20,440 --> 00:10:21,760
and they hit the report button.
332
00:10:21,760 --> 00:10:22,920
The queue grows again.
333
00:10:22,920 --> 00:10:25,520
Then someone actually gets a convincing phishing email
334
00:10:25,520 --> 00:10:26,920
and hits the report button.
335
00:10:26,920 --> 00:10:28,640
Now you have three items in the queue
336
00:10:28,640 --> 00:10:30,400
but only one of them is actually a problem.
337
00:10:30,400 --> 00:10:32,800
When you multiply that by 5,000 reports per day
338
00:10:32,800 --> 00:10:34,600
across a large organization,
339
00:10:34,600 --> 00:10:36,800
you can see why the entire process collapses.
340
00:10:36,800 --> 00:10:39,280
The traditional approach is exactly what you would expect.
341
00:10:39,280 --> 00:10:42,000
An analyst sits down, opens the email and starts reading.
342
00:10:42,000 --> 00:10:44,120
They check the headers to see if they are forged.
343
00:10:44,120 --> 00:10:46,040
They run the sender through reputation lookups.
344
00:10:46,040 --> 00:10:48,160
They check the URLs to see if they are registered
345
00:10:48,160 --> 00:10:49,280
to a known attacker.
346
00:10:49,280 --> 00:10:51,160
They check the attachments for known malware.
347
00:10:51,160 --> 00:10:52,160
This takes time.
348
00:10:52,160 --> 00:10:53,960
It might take five or 10 minutes per email
349
00:10:53,960 --> 00:10:55,320
if the case is straightforward
350
00:10:55,320 --> 00:10:56,560
but it could take 30 minutes
351
00:10:56,560 --> 00:10:59,720
if the message is suspicious and requires a deeper investigation.
352
00:10:59,720 --> 00:11:01,160
You cannot do that 5,000 times.
353
00:11:01,160 --> 00:11:02,400
If you try to run a team that way,
354
00:11:02,400 --> 00:11:04,240
your analysts are burnt out before lunch.
355
00:11:04,240 --> 00:11:07,040
The phishing triage agent does all of this in seconds.
356
00:11:07,040 --> 00:11:09,000
It handles everything simultaneously
357
00:11:09,000 --> 00:11:10,840
across thousands of emails at once.
358
00:11:10,840 --> 00:11:12,640
The agent ingests the email
359
00:11:12,640 --> 00:11:14,840
and immediately extracts the headers, the URLs
360
00:11:14,840 --> 00:11:16,080
and the attachment hashes.
361
00:11:16,080 --> 00:11:17,760
It pulls reputation data on the sender
362
00:11:17,760 --> 00:11:20,320
and checks every link against threat intelligence feeds.
363
00:11:20,320 --> 00:11:22,680
It analyzes the semantic content of the email
364
00:11:22,680 --> 00:11:23,960
looking for language patterns
365
00:11:23,960 --> 00:11:25,360
and social engineering tactics
366
00:11:25,360 --> 00:11:27,720
rather than just obvious malware signatures.
367
00:11:27,720 --> 00:11:29,560
It evaluates embedded images
368
00:11:29,560 --> 00:11:32,720
and correlates all of that context to reach a verdict.
369
00:11:32,720 --> 00:11:34,360
The result is a classification.
370
00:11:34,360 --> 00:11:36,760
Malicious, benign or needs human review,
371
00:11:36,760 --> 00:11:39,160
the speed improvement is almost incomprehensible
372
00:11:39,160 --> 00:11:40,880
until you see the actual numbers.
373
00:11:40,880 --> 00:11:44,800
We are seeing 550% faster identification of malicious emails.
374
00:11:44,800 --> 00:11:46,520
That is not just a marginal improvement.
375
00:11:46,520 --> 00:11:49,280
It is a complete restructuring of how phishing gets handled.
376
00:11:49,280 --> 00:11:50,920
And here is the autonomy piece.
377
00:11:50,920 --> 00:11:52,960
95% of user-reported submissions
378
00:11:52,960 --> 00:11:54,880
are now handled entirely by the agent
379
00:11:54,880 --> 00:11:56,400
with zero human involvement.
380
00:11:56,400 --> 00:11:58,560
The obvious benign cases get closed automatically
381
00:11:58,560 --> 00:12:02,000
and the obvious malicious cases get escalated for remediation.
382
00:12:02,000 --> 00:12:04,280
Only the 5% of genuinely ambiguous cases
383
00:12:04,280 --> 00:12:05,840
ever require human eyes.
384
00:12:05,840 --> 00:12:08,360
But here is what makes this actually work sustainably.
385
00:12:08,360 --> 00:12:11,080
The agent does not pretend to be certain when it is not.
386
00:12:11,080 --> 00:12:12,840
It explains its reasoning in plain language.
387
00:12:12,840 --> 00:12:15,120
It tells the analyst why it thinks a message is malicious
388
00:12:15,120 --> 00:12:16,720
and shows the evidence it found.
389
00:12:16,720 --> 00:12:19,040
Critically, the analyst can override the verdict.
390
00:12:19,040 --> 00:12:20,200
They can say the agent is wrong
391
00:12:20,200 --> 00:12:22,280
because a specific sender is actually trusted
392
00:12:22,280 --> 00:12:25,200
or a URL is legitimate for an internal vendor.
393
00:12:25,200 --> 00:12:26,800
When the analyst overrides the decision,
394
00:12:26,800 --> 00:12:28,760
the agent does not just accept the correction,
395
00:12:28,760 --> 00:12:29,680
it learns from it.
396
00:12:29,680 --> 00:12:30,880
That is the feedback loop.
397
00:12:30,880 --> 00:12:32,480
The first time an agent sees a sender,
398
00:12:32,480 --> 00:12:35,280
the verdict might be that it is unknown or likely spam.
399
00:12:35,280 --> 00:12:37,520
But if 3,000 analysts over the course of a month
400
00:12:37,520 --> 00:12:40,240
all say that the sender is actually the payroll processor,
401
00:12:40,240 --> 00:12:41,680
the agent builds context.
402
00:12:41,680 --> 00:12:43,760
It understands that this sender is legitimate
403
00:12:43,760 --> 00:12:45,560
in your specific organization,
404
00:12:45,560 --> 00:12:48,320
even if it is unknown in global reputation data.
405
00:12:48,320 --> 00:12:50,200
A traditional security tool does not do that.
406
00:12:50,200 --> 00:12:52,360
A traditional tool runs the same static rules
407
00:12:52,360 --> 00:12:53,800
against every organization
408
00:12:53,800 --> 00:12:55,560
and never learns your environment.
409
00:12:55,560 --> 00:12:56,680
An agent is different.
410
00:12:56,680 --> 00:12:58,520
St. Luke's health network deployed this
411
00:12:58,520 --> 00:13:01,040
and saved 200 analyst hours per month.
412
00:13:01,040 --> 00:13:03,040
Think about what that actually means for a team.
413
00:13:03,040 --> 00:13:05,240
That is roughly five full-time employees
414
00:13:05,240 --> 00:13:07,680
who are no longer spending their entire lives opening emails
415
00:13:07,680 --> 00:13:08,720
and reading headers.
416
00:13:08,720 --> 00:13:11,480
Those analysts are now available for work that actually matters.
417
00:13:11,480 --> 00:13:14,040
They are hunting threats, tuning detections,
418
00:13:14,040 --> 00:13:16,120
and building better security hygiene.
419
00:13:16,120 --> 00:13:18,360
This is real security work instead of data entry
420
00:13:18,360 --> 00:13:19,920
pretending to be security.
421
00:13:19,920 --> 00:13:22,480
The phishing agent is operating at semi-autonomy.
422
00:13:22,480 --> 00:13:24,560
It handles the obvious cases automatically
423
00:13:24,560 --> 00:13:27,320
while the ambiguous cases are still escalated to humans.
424
00:13:27,320 --> 00:13:29,120
That is exactly where you want to be.
425
00:13:29,120 --> 00:13:30,800
The human is supervising a worker
426
00:13:30,800 --> 00:13:32,400
that does the tedious stuff well
427
00:13:32,400 --> 00:13:34,840
and they only jump in when judgment is required.
428
00:13:34,840 --> 00:13:36,160
The human is not bored
429
00:13:36,160 --> 00:13:37,800
and they are not typing the same responses
430
00:13:37,800 --> 00:13:39,240
to the same problems over and over.
431
00:13:39,240 --> 00:13:41,120
They are using their brain on the stuff
432
00:13:41,120 --> 00:13:42,840
that actually requires a brain.
433
00:13:42,840 --> 00:13:44,280
That is the proof of concept.
434
00:13:44,280 --> 00:13:48,120
That is why agentic defense is no longer just a theoretical idea.
435
00:13:48,120 --> 00:13:50,320
How the phishing agent actually works.
436
00:13:50,320 --> 00:13:52,480
When an email arrives in the user report queue,
437
00:13:52,480 --> 00:13:54,560
the agent's workflow begins immediately.
438
00:13:54,560 --> 00:13:57,200
This is not a slow process that takes time to consider.
439
00:13:57,200 --> 00:13:59,200
The entire investigation happens in parallel
440
00:13:59,200 --> 00:14:00,680
across multiple dimensions
441
00:14:00,680 --> 00:14:04,000
and that parallelization is exactly why this works at scale.
442
00:14:04,000 --> 00:14:05,800
The ingestion stage is straightforward.
443
00:14:05,800 --> 00:14:07,560
An email comes through the abuse mailbox
444
00:14:07,560 --> 00:14:09,320
or a user hits the report button.
445
00:14:09,320 --> 00:14:10,800
The agent captures the full email,
446
00:14:10,800 --> 00:14:12,720
including the headers, the body, the attachments,
447
00:14:12,720 --> 00:14:13,800
and the metadata.
448
00:14:13,800 --> 00:14:17,200
It logs the timestamp, the submitter, and the original recipient.
449
00:14:17,200 --> 00:14:19,360
But unlike a human analyst who would read the email
450
00:14:19,360 --> 00:14:20,680
once from top to bottom,
451
00:14:20,680 --> 00:14:24,280
the agent immediately spawns multiple parallel investigations.
452
00:14:24,280 --> 00:14:25,920
Enrichment is where the real work happens.
453
00:14:25,920 --> 00:14:28,360
The agent extracts every URL from the email body
454
00:14:28,360 --> 00:14:30,920
and checks the reputation of those domains in real time.
455
00:14:30,920 --> 00:14:33,760
It looks at whether a domain is registered to a known attacker
456
00:14:33,760 --> 00:14:35,880
or if it was created just a few days ago.
457
00:14:35,880 --> 00:14:37,840
It pulls sender reputation to see if the address
458
00:14:37,840 --> 00:14:39,120
has sent malware before
459
00:14:39,120 --> 00:14:41,680
or if it is spoofing a known legitimate domain.
460
00:14:41,680 --> 00:14:43,080
The agent extracts attachment hashes
461
00:14:43,080 --> 00:14:44,800
to check them against threat intelligence feeds
462
00:14:44,800 --> 00:14:46,560
for known malware or ransomware variants.
463
00:14:46,560 --> 00:14:49,040
It pulls the headers and analyzes the email infrastructure
464
00:14:49,040 --> 00:14:52,040
for authentication failures like SPF, DKIM, or DMARC.
465
00:14:52,040 --> 00:14:54,280
It checks if the sending infrastructure is consistent
466
00:14:54,280 --> 00:14:55,400
with the claimed sender.
467
00:14:55,400 --> 00:14:56,560
All of this happens at once.
468
00:14:56,560 --> 00:14:58,920
There is no waiting, there are no sequential steps,
469
00:14:58,920 --> 00:15:01,920
and there is no analyst clicking through 20 different tabs.
470
00:15:01,920 --> 00:15:03,880
Classification is where the semantics come in.
471
00:15:03,880 --> 00:15:06,160
The agent does not just pattern match signatures,
472
00:15:06,160 --> 00:15:07,680
it actually reads the email content
473
00:15:07,680 --> 00:15:09,080
and evaluates the language.
474
00:15:09,080 --> 00:15:12,200
Phishing emails follow specific structural patterns,
475
00:15:12,200 --> 00:15:14,440
such as urgency-based language or weak grammar
476
00:15:14,440 --> 00:15:15,800
in non-English spoofs.
477
00:15:15,800 --> 00:15:18,560
The agent recognizes those social engineering frameworks.
478
00:15:18,560 --> 00:15:21,120
It analyzes any images embedded in the email,
479
00:15:21,120 --> 00:15:23,280
looking for screenshots that look like login prompts
480
00:15:23,280 --> 00:15:25,360
or visual mimicry of legitimate services.
481
00:15:25,360 --> 00:15:27,640
It looks at the relationship between the claimed sender
482
00:15:27,640 --> 00:15:29,160
and the actual infrastructure.
483
00:15:29,160 --> 00:15:31,440
If the From header does not match the sending server
484
00:15:31,440 --> 00:15:33,640
or if the reply-to address is inconsistent,
485
00:15:33,640 --> 00:15:36,040
those triggers increase the suspicion score.
486
00:15:36,040 --> 00:15:38,040
All of this feeds into a semantic model
487
00:15:38,040 --> 00:15:40,960
that reaches a classification of malicious, benign,
488
00:15:40,960 --> 00:15:42,800
or uncertain. What makes this different
489
00:15:42,800 --> 00:15:45,440
from a traditional scanner is the reasoning layer.
490
00:15:45,440 --> 00:15:47,480
The agent does not just hand you a binary verdict,
491
00:15:47,480 --> 00:15:49,240
it explains that verdict in plain language,
492
00:15:49,240 --> 00:15:51,160
it might tell you that an email is likely malicious
493
00:15:51,160 --> 00:15:53,200
because the sender claims to be PayPal,
494
00:15:53,200 --> 00:15:54,960
but the sending server is registered in Russia.
495
00:15:54,960 --> 00:15:56,960
It will point out that the URLs go to a domain
496
00:15:56,960 --> 00:15:58,400
registered three days ago,
497
00:15:58,400 --> 00:16:01,600
and the embedded image is a screenshot of a fake login page.
498
00:16:01,600 --> 00:16:02,720
That explanation is crucial
499
00:16:02,720 --> 00:16:05,200
because the analysts can read it and verify the reasoning.
500
00:16:05,200 --> 00:16:07,600
They can check whether the agent missed a specific detail
501
00:16:07,600 --> 00:16:10,520
and if they disagree, they can override the decision.
502
00:16:10,520 --> 00:16:13,360
The autonomy boundary is set by confidence and risk.
503
00:16:13,360 --> 00:16:15,560
The agent reaches two types of conclusions.
504
00:16:15,560 --> 00:16:17,360
If it is confident the email is benign
505
00:16:17,360 --> 00:16:19,120
because it came from a trusted sender
506
00:16:19,120 --> 00:16:20,760
and contains no suspicious elements,
507
00:16:20,760 --> 00:16:24,120
it closes the ticket automatically. No human ever sees it
508
00:16:24,120 --> 00:16:25,880
and the report is resolved.
509
00:16:25,880 --> 00:16:27,680
If it is confident the email is malicious,
510
00:16:27,680 --> 00:16:29,040
it escalates the case.
511
00:16:29,040 --> 00:16:31,920
The email gets quarantined, the submitter gets notified,
512
00:16:31,920 --> 00:16:33,640
and the security team gets an alert,
513
00:16:33,640 --> 00:16:36,240
but that escalation includes the full reasoning of the agent,
514
00:16:36,240 --> 00:16:37,720
not just a simple flag.
515
00:16:37,720 --> 00:16:39,720
The uncertain cases go to human review,
516
00:16:39,720 --> 00:16:40,960
these are the mixed signals,
517
00:16:40,960 --> 00:16:42,680
these are the cases with suspicious elements
518
00:16:42,680 --> 00:16:44,040
that are not quite conclusive
519
00:16:44,040 --> 00:16:45,960
or potential business email compromises
520
00:16:45,960 --> 00:16:47,600
where the infrastructure looks legitimate,
521
00:16:47,600 --> 00:16:49,400
but the content suggests a problem.
522
00:16:49,400 --> 00:16:51,520
These cases require human judgment
523
00:16:51,520 --> 00:16:53,280
and that is the right call to make.
524
00:16:53,280 --> 00:16:54,800
The agent has already done the heavy lifting
525
00:16:54,800 --> 00:16:57,200
so the human only makes the call on the edge cases.
526
00:16:57,200 --> 00:16:59,760
When the human makes that call, the system learns.
527
00:16:59,760 --> 00:17:02,200
The next time the agent encounters similar patterns,
528
00:17:02,200 --> 00:17:04,920
it includes the previous human judgment in its logic.
529
00:17:04,920 --> 00:17:08,200
This workflow repeats across thousands of emails simultaneously.
530
00:17:08,200 --> 00:17:09,880
Each investigation is independent
531
00:17:09,880 --> 00:17:12,520
and each one can reach a conclusion at a different speed.
532
00:17:12,520 --> 00:17:14,200
The system does not wait for one email
533
00:17:14,200 --> 00:17:16,040
to finish before starting the next.
534
00:17:16,040 --> 00:17:18,200
That parallel processing is why the speed improvements
535
00:17:18,200 --> 00:17:19,240
are so dramatic.
536
00:17:19,240 --> 00:17:21,680
The transparency and the plain language reasoning
537
00:17:21,680 --> 00:17:24,040
are why analysts finally trust the system enough
538
00:17:24,040 --> 00:17:25,560
to let it operate on its own.
539
00:17:25,560 --> 00:17:27,920
Alert triage agents, beyond phishing.
540
00:17:27,920 --> 00:17:29,920
The phishing triage agent is just a template.
541
00:17:29,920 --> 00:17:32,080
It isn't a special case or a one-off tool.
542
00:17:32,080 --> 00:17:34,240
It's the first proof that the pattern actually works.
543
00:17:34,240 --> 00:17:36,560
The same architecture scales to every other alert
544
00:17:36,560 --> 00:17:38,200
coming out of your security stack,
545
00:17:38,200 --> 00:17:39,520
and the moment you realize that,
546
00:17:39,520 --> 00:17:42,640
you understand why agentic defense is becoming non-negotiable.
547
00:17:42,640 --> 00:17:44,120
Take EDR alerts as an example.
548
00:17:44,120 --> 00:17:46,160
An endpoint system sees a process spin up
549
00:17:46,160 --> 00:17:47,360
that looks suspicious.
550
00:17:47,360 --> 00:17:49,280
Maybe it's running from a temp directory,
551
00:17:49,280 --> 00:17:51,680
or it's a known malicious family trying to inject code
552
00:17:51,680 --> 00:17:52,880
into another process.
553
00:17:52,880 --> 00:17:54,400
A human analyst gets the alert
554
00:17:54,400 --> 00:17:55,960
and has to answer one question.
555
00:17:55,960 --> 00:17:57,200
Is this actually bad?
556
00:17:57,200 --> 00:17:58,440
Or is it a false positive?
557
00:17:58,440 --> 00:17:59,960
The traditional approach is slow.
558
00:17:59,960 --> 00:18:01,760
The analyst opens the EDR console
559
00:18:01,760 --> 00:18:03,240
to look at the process tree,
560
00:18:03,240 --> 00:18:04,840
manually checking the parent process
561
00:18:04,840 --> 00:18:07,440
and where it originated while pulling file reputation
562
00:18:07,440 --> 00:18:08,760
and YARA detections.
563
00:18:08,760 --> 00:18:11,000
They have to see if the process exists on other machines
564
00:18:11,000 --> 00:18:12,440
and correlate the user context
565
00:18:12,440 --> 00:18:15,280
to see if this is normal behavior for that specific person.
566
00:18:15,280 --> 00:18:16,400
All of this takes time.
567
00:18:16,400 --> 00:18:18,400
15 minutes minimum if it's straightforward
568
00:18:18,400 --> 00:18:20,680
and much longer if they have to dig into the logs.
569
00:18:20,680 --> 00:18:22,160
The agent does it immediately.
570
00:18:22,160 --> 00:18:25,480
It sees the alert and automatically pulls the full process tree,
571
00:18:25,480 --> 00:18:27,520
tracing everything from the parent and grandparent
572
00:18:27,520 --> 00:18:29,440
all the way back to the system start.
573
00:18:29,440 --> 00:18:32,400
It correlates that data against reputation databases
574
00:18:32,400 --> 00:18:34,600
while checking if the user is a system account,
575
00:18:34,600 --> 00:18:36,240
a service account, or a normal human.
576
00:18:36,240 --> 00:18:37,920
The agent looks for behavioral anomalies
577
00:18:37,920 --> 00:18:40,480
by asking if this user has ever launched this executable
578
00:18:40,480 --> 00:18:43,080
before or if it matches their typical daily activity.
579
00:18:43,080 --> 00:18:45,160
It cross references threat intelligence
580
00:18:45,160 --> 00:18:47,640
to see if the hash has appeared in known attacks
581
00:18:47,640 --> 00:18:49,320
and because it does this in parallel,
582
00:18:49,320 --> 00:18:51,440
it takes seconds instead of minutes.
583
00:18:51,440 --> 00:18:53,600
The agent reaches a verdict with clear reasoning.
584
00:18:53,600 --> 00:18:55,560
It might decide the process is legitimate
585
00:18:55,560 --> 00:18:57,200
because the parent is a known installer
586
00:18:57,200 --> 00:18:59,400
and the file is digitally signed by Microsoft
587
00:18:59,400 --> 00:19:00,840
or it flags it as suspicious
588
00:19:00,840 --> 00:19:03,080
because it's writing to the Windows system directory
589
00:19:03,080 --> 00:19:05,040
from an untrusted script.
590
00:19:05,040 --> 00:19:06,200
The analyst reads the reasoning
591
00:19:06,200 --> 00:19:08,520
and either approves the call or overrides it
592
00:19:08,520 --> 00:19:10,120
and the system learns from that choice.
593
00:19:10,120 --> 00:19:11,760
Cloud alerts work the same way.
594
00:19:11,760 --> 00:19:15,000
A detection fires because a storage bucket is publicly accessible
595
00:19:15,000 --> 00:19:15,920
which sounds like a problem
596
00:19:15,920 --> 00:19:17,280
but it might just be a CDN bucket
597
00:19:17,280 --> 00:19:18,760
that's supposed to be public.
598
00:19:18,760 --> 00:19:21,120
The agent sees the alert and checks the configuration,
599
00:19:21,120 --> 00:19:23,680
looking for documented public access and resource tags
600
00:19:23,680 --> 00:19:25,440
that mark it as a distribution point.
601
00:19:25,440 --> 00:19:27,880
It inspects the bucket contents for sensitive data
602
00:19:27,880 --> 00:19:30,480
versus public assets and checks the organization's
603
00:19:30,480 --> 00:19:33,320
cloud governance policies for any existing exceptions.
604
00:19:33,320 --> 00:19:35,200
By cross referencing recent changes to see
605
00:19:35,200 --> 00:19:38,080
if the bucket was made public yesterday or three years ago,
606
00:19:38,080 --> 00:19:40,440
the agent builds a complete picture in seconds.
607
00:19:40,440 --> 00:19:42,200
It might determine this is a false positive
608
00:19:42,200 --> 00:19:43,600
because the bucket is documented
609
00:19:43,600 --> 00:19:45,400
and contains no sensitive data
610
00:19:45,400 --> 00:19:47,680
or it identifies a legitimate misconfiguration
611
00:19:47,680 --> 00:19:49,360
that needs immediate fixing.
612
00:19:49,360 --> 00:19:50,880
The reasoning is transparent
613
00:19:50,880 --> 00:19:52,640
so the analyst can trust the verdict
614
00:19:52,640 --> 00:19:54,680
because they can see exactly how the agent reached
615
00:19:54,680 --> 00:19:55,680
that conclusion.
616
00:19:55,680 --> 00:19:57,880
Identity alerts follow the exact same structure.
617
00:19:57,880 --> 00:19:59,920
A risky sign-in is detected from an IP
618
00:19:59,920 --> 00:20:02,440
the user has never used before, which is suspicious
619
00:20:02,440 --> 00:20:04,080
but it could also be a user traveling
620
00:20:04,080 --> 00:20:05,360
or attending a conference.
621
00:20:05,360 --> 00:20:06,680
The agent receives the alert
622
00:20:06,680 --> 00:20:09,000
and checks for impossible travel by seeing
623
00:20:09,000 --> 00:20:11,400
if the user signed in from two distant locations
624
00:20:11,400 --> 00:20:13,440
within a time frame that doesn't make sense.
625
00:20:13,440 --> 00:20:16,120
It evaluates device posture to see if it's a managed device
626
00:20:16,120 --> 00:20:17,840
or an unmanaged BYOD
627
00:20:17,840 --> 00:20:20,000
and cross references conditional access policies
628
00:20:20,000 --> 00:20:22,000
to see if they should have blocked the sign in.
629
00:20:22,000 --> 00:20:24,400
The agent checks the user's history for that geography
630
00:20:24,400 --> 00:20:26,840
and correlates other risk signals from the past hour
631
00:20:26,840 --> 00:20:28,520
to see if anything else looks off.
632
00:20:28,520 --> 00:20:30,000
In seconds, the agent distinguishes
633
00:20:30,000 --> 00:20:32,480
between a genuine risk that needs a password step up
634
00:20:32,480 --> 00:20:34,600
and a false positive that should be closed.
635
00:20:34,600 --> 00:20:37,400
The pattern is consistent across every alert type.
636
00:20:37,400 --> 00:20:39,480
Most alerts resolve into obvious categories
637
00:20:39,480 --> 00:20:40,800
once you have all the context.
638
00:20:40,800 --> 00:20:43,440
Benign, malicious or needing investigation.
639
00:20:43,440 --> 00:20:46,080
80% of cases fall into those obvious buckets
640
00:20:46,080 --> 00:20:48,280
while only 20% actually require a human
641
00:20:48,280 --> 00:20:49,600
to make a judgment call.
642
00:20:49,600 --> 00:20:50,840
The agent handles the 80.
643
00:20:50,840 --> 00:20:52,160
It removes the obvious noise
644
00:20:52,160 --> 00:20:53,880
and gives analysts the context they need
645
00:20:53,880 --> 00:20:55,840
for the 20% that actually matter.
646
00:20:55,840 --> 00:20:57,800
What changes here is the scale of autonomy.
647
00:20:57,800 --> 00:20:59,880
On a phishing queue with 5,000 emails,
648
00:20:59,880 --> 00:21:03,400
80% automation means 4,000 tickets never even reach a human.
649
00:21:03,400 --> 00:21:05,560
The impact is enormous when you add EDR, cloud
650
00:21:05,560 --> 00:21:07,360
and identity alerts to the mix.
651
00:21:07,360 --> 00:21:09,680
Suddenly, the agent is handling tens of thousands
652
00:21:09,680 --> 00:21:12,560
of determinations every day that used to require human time.
653
00:21:12,560 --> 00:21:14,040
That isn't just a productivity gain.
654
00:21:14,040 --> 00:21:16,120
It's a structural change in what security operations
655
00:21:16,120 --> 00:21:18,120
can actually accomplish.
656
00:21:18,120 --> 00:21:21,480
The conditional access optimization agent, identity at scale.
657
00:21:21,480 --> 00:21:24,720
This is where agentic defense moves from reactive to preventive.
658
00:21:24,720 --> 00:21:27,040
It stops defending against problems that already fired
659
00:21:27,040 --> 00:21:29,280
and starts preventing them from existing in the first place.
660
00:21:29,280 --> 00:21:31,600
Identity policy is the most dangerous technical debt
661
00:21:31,600 --> 00:21:32,640
in any organization.
662
00:21:32,640 --> 00:21:34,960
You write a conditional access policy that is correct the day
663
00:21:34,960 --> 00:21:37,040
you finish it because it covers your current users,
664
00:21:37,040 --> 00:21:38,400
apps and risk models.
665
00:21:38,400 --> 00:21:39,840
But then the environment changes.
666
00:21:39,840 --> 00:21:41,480
New users are hired.
667
00:21:41,480 --> 00:21:43,680
You add a SaaS application or a vendor starts
668
00:21:43,680 --> 00:21:45,240
requesting access from a new region
669
00:21:45,240 --> 00:21:48,000
and your policy has no idea any of this happened.
670
00:21:48,000 --> 00:21:50,560
It was written for the world as it existed six months ago,
671
00:21:50,560 --> 00:21:52,160
but now the policy is drifting.
672
00:21:52,160 --> 00:21:54,240
The gap between what you intended and what you're actually
673
00:21:54,240 --> 00:21:56,160
covering gets wider every single day.
674
00:21:56,160 --> 00:21:57,920
And you have no idea it's happening.
675
00:21:57,920 --> 00:22:00,640
The traditional approach is a quarterly manual review.
676
00:22:00,640 --> 00:22:02,280
The security team grabs a spreadsheet
677
00:22:02,280 --> 00:22:04,200
and tries to remember what they intended to cover
678
00:22:04,200 --> 00:22:06,800
while manually listing users and checking if policies apply.
679
00:22:06,800 --> 00:22:07,600
It's exhausting.
680
00:22:07,600 --> 00:22:08,640
It's full of errors.
681
00:22:08,640 --> 00:22:11,360
And it happens way too infrequently.
682
00:22:11,360 --> 00:22:13,040
By the time the next review rolls around,
683
00:22:13,040 --> 00:22:14,920
three months of changes have piled up,
684
00:22:14,920 --> 00:22:17,720
including new employees, service accounts, and apps.
685
00:22:17,720 --> 00:22:19,520
Any of these could have massive gaps.
686
00:22:19,520 --> 00:22:21,880
And you're just hoping you didn't miss anything critical.
687
00:22:21,880 --> 00:22:23,320
That isn't a security posture.
688
00:22:23,320 --> 00:22:24,160
It's a prayer.
689
00:22:24,160 --> 00:22:27,240
The conditional access optimization agent flips this model.
690
00:22:27,240 --> 00:22:28,160
It isn't quarterly.
691
00:22:28,160 --> 00:22:29,800
It's continuous.
692
00:22:29,800 --> 00:22:31,480
The agent scans your environment every day
693
00:22:31,480 --> 00:22:34,840
to see if newly created users are covered by at least one policy.
694
00:22:34,840 --> 00:22:36,560
It spots new applications in your tenant
695
00:22:36,560 --> 00:22:38,480
and checks if there are policies protecting them,
696
00:22:38,480 --> 00:22:41,440
or it detects when MFA isn't being enforced, where it should be.
697
00:22:41,440 --> 00:22:43,000
It identifies workload identities
698
00:22:43,000 --> 00:22:46,120
like service principals that might be operating outside your framework,
699
00:22:46,120 --> 00:22:47,640
but it doesn't just flag the problems.
700
00:22:47,640 --> 00:22:50,760
It proposes the specific policy changes to fix them.
701
00:22:50,760 --> 00:22:52,760
This is the difference between a tool that
702
00:22:52,760 --> 00:22:55,120
finds problems and an agent that solves them.
703
00:22:55,120 --> 00:22:57,440
A tool tells you there's a gap, but an agent tells you
704
00:22:57,440 --> 00:22:59,400
exactly which policy change will close it.
705
00:22:59,400 --> 00:23:01,760
It generates the specific conditional access policy
706
00:23:01,760 --> 00:23:04,680
and analyzes the impact by checking how many users are affected,
707
00:23:04,680 --> 00:23:07,000
and if it might break an existing workflow.
708
00:23:07,000 --> 00:23:10,320
The agent runs the proposed policy in report-only mode first,
709
00:23:10,320 --> 00:23:12,840
so the policy fires without actually enforcing anything.
710
00:23:12,840 --> 00:23:14,880
You see exactly what would have happened,
711
00:23:14,880 --> 00:23:17,520
and validate that the impact is acceptable before you ever
712
00:23:17,520 --> 00:23:18,320
flip the switch.
713
00:23:18,320 --> 00:23:20,080
Report-only mode is the key here.
714
00:23:20,080 --> 00:23:22,680
This isn't the agent making autonomous decisions.
715
00:23:22,680 --> 00:23:24,480
It's the agent proposing a path and showing you
716
00:23:24,480 --> 00:23:26,360
the results before anything changes.
717
00:23:26,360 --> 00:23:28,440
You stay in control while reviewing the suggestion
718
00:23:28,440 --> 00:23:30,120
running the experiment safely.
719
00:23:30,120 --> 00:23:33,760
You only enforce the policy once you've validated the change yourself.
720
00:23:33,760 --> 00:23:35,880
This is the semi-autonomous model working perfectly
721
00:23:35,880 --> 00:23:38,320
because the agent does the heavy lifting of analyzing
722
00:23:38,320 --> 00:23:40,320
the environment and proposing solutions.
723
00:23:40,320 --> 00:23:42,960
The human handles the validation by reviewing the impact
724
00:23:42,960 --> 00:23:44,280
and approving the change.
725
00:23:44,280 --> 00:23:46,600
The real impact is both psychological and structural.
726
00:23:46,600 --> 00:23:49,400
Organizations that use this move from hoping
727
00:23:49,400 --> 00:23:52,400
their identity policies are covered to knowing they are covered.
728
00:23:52,400 --> 00:23:54,000
That isn't just a small detail.
729
00:23:54,000 --> 00:23:56,080
It's the difference between security theater
730
00:23:56,080 --> 00:23:57,760
and an actual security posture.
731
00:23:57,760 --> 00:23:59,360
You're no longer hoping someone remembered
732
00:23:59,360 --> 00:24:01,800
to write the policy because you're validating your coverage
733
00:24:01,800 --> 00:24:02,880
every single day.
734
00:24:02,880 --> 00:24:04,480
You catch drift the moment it happens
735
00:24:04,480 --> 00:24:06,760
and fix gaps in days instead of months.
736
00:24:06,760 --> 00:24:08,360
The agent learns your environment.
737
00:24:08,360 --> 00:24:10,360
It understands your user patterns, your apps,
738
00:24:10,360 --> 00:24:11,520
and your risk appetite.
739
00:24:11,520 --> 00:24:13,600
It knows which users operate in which regions
740
00:24:13,600 --> 00:24:15,280
and which applications are critical,
741
00:24:15,280 --> 00:24:17,200
versus just experimental.
742
00:24:17,200 --> 00:24:19,720
That context makes the recommendations smarter
743
00:24:19,720 --> 00:24:21,600
because you aren't getting generic suggestions.
744
00:24:21,600 --> 00:24:24,480
You're getting a policy tailored to your specific organization
745
00:24:24,480 --> 00:24:25,680
and your specific risks.
746
00:24:25,680 --> 00:24:27,640
That is the security agent fabric at scale.
747
00:24:27,640 --> 00:24:30,160
It isn't just reacting to threats that made it past your front door.
748
00:24:30,160 --> 00:24:33,040
It's continuously validating that your defenses actually exist
749
00:24:33,040 --> 00:24:35,240
and match reality.
750
00:24:35,240 --> 00:24:38,240
Why multi-agent architecture beats single models.
751
00:24:38,240 --> 00:24:40,640
You would think the future of AI security is simple.
752
00:24:40,640 --> 00:24:42,880
Find the biggest language model, point it at the problem,
753
00:24:42,880 --> 00:24:44,040
let it solve everything.
754
00:24:44,040 --> 00:24:46,760
But that is not how this works, and understanding why
755
00:24:46,760 --> 00:24:48,320
is the key to understanding why
756
00:24:48,320 --> 00:24:50,320
agentic defense actually scales.
757
00:24:50,320 --> 00:24:52,440
Microsoft built a system called M-Dash.
758
00:24:52,440 --> 00:24:54,840
It is their vulnerability discovery framework.
759
00:24:54,840 --> 00:24:56,800
A machine learning system designed to find flaws
760
00:24:56,800 --> 00:24:59,000
in Windows and other massive code bases.
761
00:24:59,000 --> 00:25:02,040
M-Dash is not one giant model trying to understand code.
762
00:25:02,040 --> 00:25:05,040
It is over 100 specialized agents orchestrated together,
763
00:25:05,040 --> 00:25:07,160
each doing one specific thing well.
764
00:25:07,160 --> 00:25:08,720
The results reveal something fundamental
765
00:25:08,720 --> 00:25:10,200
about solving hard problems.
766
00:25:10,200 --> 00:25:12,040
The problem with the bigger model approach
767
00:25:12,040 --> 00:25:14,520
is that a single model cannot debate itself.
768
00:25:14,520 --> 00:25:16,360
It reaches a conclusion and it commits.
769
00:25:16,360 --> 00:25:18,760
If the model thinks a code path is vulnerable,
770
00:25:18,760 --> 00:25:20,520
it reasons forward from that assumption.
771
00:25:20,520 --> 00:25:22,800
It does not hold the opposite position at the same time.
772
00:25:22,800 --> 00:25:25,520
It cannot generate evidence for why it might be wrong.
773
00:25:25,520 --> 00:25:27,400
A single model reaching a conclusion
774
00:25:27,400 --> 00:25:30,000
is like a scientist evaluating their own research.
775
00:25:30,000 --> 00:25:31,640
There is a massive blind spot
776
00:25:31,640 --> 00:25:33,800
where they cannot see their own assumptions.
777
00:25:33,800 --> 00:25:35,760
M-Dash solves this through orchestration.
778
00:25:35,760 --> 00:25:38,000
The system uses Auditor agents to examine code
779
00:25:38,000 --> 00:25:39,560
and generate vulnerability candidates.
780
00:25:39,560 --> 00:25:40,920
These are not final verdicts.
781
00:25:40,920 --> 00:25:42,080
They are hypotheses.
782
00:25:42,080 --> 00:25:44,600
The auditor says, here is a potential problem
783
00:25:44,600 --> 00:25:46,880
or here is where the bug might be.
784
00:25:46,880 --> 00:25:49,400
Then, debater agents take those hypotheses
785
00:25:49,400 --> 00:25:51,120
and try to tear them apart.
786
00:25:51,120 --> 00:25:52,880
They ask if the flaw is really exploitable.
787
00:25:52,880 --> 00:25:55,080
They look for mitigations that prevent the attack.
788
00:25:55,080 --> 00:25:57,160
The debaters do not try to prove the auditors right.
789
00:25:57,160 --> 00:25:58,400
They try to prove them wrong.
790
00:25:58,400 --> 00:26:00,960
This adversarial process catches false positives
791
00:26:00,960 --> 00:26:03,040
that a single model would just accept.
792
00:26:03,040 --> 00:26:05,680
A third agent type, the prover,
793
00:26:05,680 --> 00:26:07,200
generates proof-of-concept exploits.
794
00:26:07,200 --> 00:26:08,920
If you claim there is a vulnerability,
795
00:26:08,920 --> 00:26:10,080
you have to prove it.
796
00:26:10,080 --> 00:26:11,640
The prover writes the actual attack code
797
00:26:11,640 --> 00:26:13,320
to see if it crashes or executes.
798
00:26:13,320 --> 00:26:14,920
This is not a theoretical exercise.
799
00:26:14,920 --> 00:26:16,040
It is validation.
800
00:26:16,040 --> 00:26:18,280
Either the code is vulnerable or it isn't.
801
00:26:18,280 --> 00:26:20,080
You can tell by whether the exploit works.
802
00:26:20,080 --> 00:26:23,400
No amount of reasoning can substitute for that reality check.
803
00:26:23,400 --> 00:26:25,600
The debate layer is where the magic happens.
804
00:26:25,600 --> 00:26:28,200
Traditional tools generate thousands of findings,
805
00:26:28,200 --> 00:26:29,600
but 90% are just noise.
806
00:26:29,600 --> 00:26:32,000
The tool finds a pattern that matches the signature.
807
00:26:32,000 --> 00:26:33,640
But in context, it is benign.
808
00:26:33,640 --> 00:26:35,800
A single large model makes the same mistakes.
809
00:26:35,800 --> 00:26:37,400
But when you layer specialized agents
810
00:26:37,400 --> 00:26:39,040
with conflicting objectives,
811
00:26:39,040 --> 00:26:41,040
the consensus that emerges is reliable.
812
00:26:41,040 --> 00:26:42,680
You are not trusting the model's judgment.
813
00:26:42,680 --> 00:26:44,400
You are trusting the system's debate.
814
00:26:44,400 --> 00:26:47,240
This matters because false positives are toxic in security.
815
00:26:47,240 --> 00:26:49,000
Every ghost vulnerability wastes an hour
816
00:26:49,000 --> 00:26:50,560
of a security engineer's time.
817
00:26:50,560 --> 00:26:52,440
Security engineers are expensive
818
00:26:52,440 --> 00:26:55,320
and their time is limited. If you send them down rabbit holes,
819
00:26:55,320 --> 00:26:56,560
you are not just wasting time.
820
00:26:56,560 --> 00:26:58,320
You are eroding their trust in the system.
821
00:26:58,320 --> 00:26:59,640
They start ignoring findings.
822
00:26:59,640 --> 00:27:01,680
The signal to noise ratio degrades.
823
00:27:01,680 --> 00:27:03,840
But if your system sends them only real vulnerabilities,
824
00:27:03,840 --> 00:27:05,400
every finding is actionable.
825
00:27:05,400 --> 00:27:07,440
They engage. Trust compounds.
826
00:27:07,440 --> 00:27:11,920
M-Dash jumped from 88% to 96.5% accuracy
827
00:27:11,920 --> 00:27:14,760
on a real-world benchmark in just a few weeks.
828
00:27:14,760 --> 00:27:16,920
The underlying language models did not change.
829
00:27:16,920 --> 00:27:18,680
The improvement came from orchestration.
830
00:27:18,680 --> 00:27:20,880
It came from refining how agents interact,
831
00:27:20,880 --> 00:27:22,240
how confidence is measured,
832
00:27:22,240 --> 00:27:23,560
and how validation works.
833
00:27:23,560 --> 00:27:24,560
The system design,
834
00:27:24,560 --> 00:27:26,680
not the raw capability of the components,
835
00:27:26,680 --> 00:27:27,840
drove the progress.
836
00:27:27,840 --> 00:27:29,640
This is the inverse of what everyone assumes.
837
00:27:29,640 --> 00:27:31,680
We assume that bigger models solve problems.
838
00:27:31,680 --> 00:27:34,600
We assume that parameter count equals capability.
839
00:27:34,600 --> 00:27:36,320
But the evidence shows something different.
840
00:27:36,320 --> 00:27:38,840
System architecture matters more than model size.
841
00:27:38,840 --> 00:27:41,360
How you orchestrate specialized agents matters more
842
00:27:41,360 --> 00:27:43,840
than how many parameters your foundation model has.
843
00:27:43,840 --> 00:27:46,000
Coordination beats capability.
844
00:27:46,000 --> 00:27:48,000
This principle applies to every defense case.
845
00:27:48,000 --> 00:27:50,040
One phishing agent trying to classify everything
846
00:27:50,040 --> 00:27:50,880
will hit a wall.
847
00:27:50,880 --> 00:27:52,920
But one agent that extracts metadata,
848
00:27:52,920 --> 00:27:54,400
another that checks reputation,
849
00:27:54,400 --> 00:27:56,080
another that analyzes content,
850
00:27:56,080 --> 00:27:58,560
and a validation layer that weighs those signals
851
00:27:58,560 --> 00:28:01,600
produce reliability a single agent never could.
852
00:28:01,600 --> 00:28:03,280
The architectural insight is this.
853
00:28:03,280 --> 00:28:06,160
Complexity is not solved by adding intelligence to one place.
854
00:28:06,160 --> 00:28:07,920
It is solved by distributing intelligence
855
00:28:07,920 --> 00:28:10,920
across specialized agents and letting them validate each other.
856
00:28:10,920 --> 00:28:12,840
That is the foundation of agentic defense,
857
00:28:12,840 --> 00:28:15,640
not smarter models, smarter orchestration.
858
00:28:15,640 --> 00:28:18,440
The debate layer, how agents validate each other.
859
00:28:18,440 --> 00:28:22,200
The debate layer is where agentic systems move from fast to reliable.
860
00:28:22,200 --> 00:28:24,480
It is the mechanism that turns a collection of agents
861
00:28:24,480 --> 00:28:26,920
from a noise machine into a validation engine.
862
00:28:26,920 --> 00:28:30,080
Imagine a code analysis agent has identified a buffer overflow.
863
00:28:30,080 --> 00:28:31,200
The agent has evidence.
864
00:28:31,200 --> 00:28:32,880
A function receives user input.
865
00:28:32,880 --> 00:28:34,800
Copies it into a fixed size buffer.
866
00:28:34,800 --> 00:28:36,280
And performs no bounds checking.
867
00:28:36,280 --> 00:28:38,840
That is the vulnerability candidate, classic pattern.
868
00:28:38,840 --> 00:28:40,600
But a single agent at this point is committed.
869
00:28:40,600 --> 00:28:41,640
It found the bug.
870
00:28:41,640 --> 00:28:42,760
It writes the report.
871
00:28:42,760 --> 00:28:43,680
It ships it.
872
00:28:43,680 --> 00:28:45,280
Now, introduce a second agent.
873
00:28:45,280 --> 00:28:47,720
A debater whose job is not to find vulnerabilities
874
00:28:47,720 --> 00:28:50,240
but to invalidate them. The debater reads the same code
875
00:28:50,240 --> 00:28:51,800
and sees the same buffer operation.
876
00:28:51,800 --> 00:28:53,560
But it also sees a length check three lines
877
00:28:53,560 --> 00:28:54,800
above the copy operation.
878
00:28:54,800 --> 00:28:57,320
The input is validated before it reaches the buffer.
879
00:28:57,320 --> 00:28:59,800
The vulnerable code path is not actually reachable.
880
00:28:59,800 --> 00:29:02,880
The auditor agent found a pattern that looks bad in isolation.
881
00:29:02,880 --> 00:29:04,800
But it is not vulnerable in context.
882
00:29:04,800 --> 00:29:05,880
The debater quoted.
883
00:29:05,880 --> 00:29:07,800
Now a third agent enters the scene.
884
00:29:07,800 --> 00:29:10,720
The adversary agent. Its job is to argue the opposite.
885
00:29:10,720 --> 00:29:12,320
It assumes the code is vulnerable
886
00:29:12,320 --> 00:29:14,280
and tries to find a way to exploit it.
887
00:29:14,280 --> 00:29:16,400
The adversary reads both the auditor's finding
888
00:29:16,400 --> 00:29:18,280
and the debater's counter argument.
889
00:29:18,280 --> 00:29:19,800
It identifies something subtle.
890
00:29:19,800 --> 00:29:21,800
The length check validates against a variable,
891
00:29:21,800 --> 00:29:24,360
not a constant. If that variable is modified elsewhere,
892
00:29:24,360 --> 00:29:26,560
or if there is a race condition, the check might fail.
893
00:29:26,560 --> 00:29:29,000
Now you have three agents holding three different positions.
894
00:29:29,000 --> 00:29:31,280
Not one of them is simply right.
895
00:29:31,280 --> 00:29:34,320
They are collectively exploring the boundaries of exploitability.
896
00:29:34,320 --> 00:29:35,680
This is not human intuition.
897
00:29:35,680 --> 00:29:36,880
It is structured reasoning.
898
00:29:36,880 --> 00:29:41,000
Each agent follows logical rules and applies its specific expertise.
899
00:29:41,000 --> 00:29:43,280
The system does not need to trust any single agent.
900
00:29:43,280 --> 00:29:45,360
It trusts the process.
901
00:29:45,360 --> 00:29:48,280
The debate forces every finding through adversarial scrutiny.
902
00:29:48,280 --> 00:29:51,520
If a vulnerability can survive that, if the auditor proposes it,
903
00:29:51,520 --> 00:29:52,960
the debater cannot dismantle it,
904
00:29:52,960 --> 00:29:55,720
and the adversary shows an exploit path, then confidence rises.
905
00:29:55,720 --> 00:29:57,920
This is a real vulnerability, not a false positive.
906
00:29:57,920 --> 00:29:59,640
Here is the output that matters.
907
00:29:59,640 --> 00:30:01,920
M-Dash ran against a private Windows driver test
908
00:30:01,920 --> 00:30:04,400
with 21 deliberately planted vulnerabilities.
909
00:30:04,400 --> 00:30:06,600
It found all 21 real vulnerabilities,
910
00:30:06,600 --> 00:30:08,800
with zero false positives. That is not accuracy
911
00:30:08,800 --> 00:30:11,240
in the traditional sense. That is validation.
912
00:30:11,240 --> 00:30:13,960
The debate layer ensured that every finding in the final report
913
00:30:13,960 --> 00:30:15,080
was actually exploitable.
914
00:30:15,080 --> 00:30:16,680
The trade-off is that some vulnerabilities
915
00:30:16,680 --> 00:30:18,800
might get caught and released after debate.
916
00:30:18,800 --> 00:30:21,000
But the principle is solid, only findings
917
00:30:21,000 --> 00:30:23,640
that survive questioning reach the security team.
918
00:30:23,640 --> 00:30:26,160
This pattern transfers directly to security operations.
919
00:30:26,160 --> 00:30:27,560
An EDR alert fires.
920
00:30:27,560 --> 00:30:28,920
Suspicious process detected.
921
00:30:28,920 --> 00:30:30,160
One agent flags it.
922
00:30:30,160 --> 00:30:32,080
A second agent validates the reasoning.
923
00:30:32,080 --> 00:30:34,360
The validation agent reads the first agent's assessment
924
00:30:34,360 --> 00:30:36,320
and independently checks the evidence.
925
00:30:36,320 --> 00:30:40,680
It looks at the process tree, reputation data, and behavior context.
926
00:30:40,680 --> 00:30:43,400
If the validation agent reaches the same conclusion,
927
00:30:43,400 --> 00:30:44,400
confidence rises.
928
00:30:44,400 --> 00:30:46,080
If it reaches a different conclusion,
929
00:30:46,080 --> 00:30:48,240
the conflict itself becomes useful data.
930
00:30:48,240 --> 00:30:49,560
It signals ambiguity.
931
00:30:49,560 --> 00:30:51,600
It signals that human judgment might be needed.
932
00:30:51,600 --> 00:30:54,120
The mechanism creates transparency as a side effect.
933
00:30:54,120 --> 00:30:55,800
Because multiple agents are involved.
934
00:30:55,800 --> 00:30:56,720
You see their reasoning.
935
00:30:56,720 --> 00:30:58,120
You see what the auditor found.
936
00:30:58,120 --> 00:30:59,720
What the debater challenged.
937
00:30:59,720 --> 00:31:01,400
And what the adversary proposed.
938
00:31:01,400 --> 00:31:04,280
An analyst reading through logs is not watching a black box spit
939
00:31:04,280 --> 00:31:05,120
out a verdict.
940
00:31:05,120 --> 00:31:07,040
They are watching a structured debate.
941
00:31:07,040 --> 00:31:08,160
They can follow the logic.
942
00:31:08,160 --> 00:31:10,960
They can understand why the system reached its conclusion.
943
00:31:10,960 --> 00:31:14,000
That understanding is what transforms skepticism into trust.
944
00:31:14,000 --> 00:31:16,120
This is why agentic systems work at scale.
945
00:31:16,120 --> 00:31:18,400
They are not faster because they think harder.
946
00:31:18,400 --> 00:31:20,440
They are faster because they distribute thinking
947
00:31:20,440 --> 00:31:22,040
across specialized agents.
948
00:31:22,040 --> 00:31:24,600
They are more reliable because they validate findings
949
00:31:24,600 --> 00:31:26,200
against multiple perspectives.
950
00:31:26,200 --> 00:31:30,280
And they are trustworthy because they show their work.
951
00:31:30,280 --> 00:31:31,400
The governance problem.
952
00:31:31,400 --> 00:31:33,640
Treating agents as first-class citizens.
953
00:31:33,640 --> 00:31:34,600
There is a problem.
954
00:31:34,600 --> 00:31:35,720
Nobody's talking about it yet.
955
00:31:35,720 --> 00:31:37,640
If an agent can disable user accounts,
956
00:31:37,640 --> 00:31:38,800
it's a system administrator.
957
00:31:38,800 --> 00:31:41,000
If an agent can isolate endpoints from your network,
958
00:31:41,000 --> 00:31:42,320
it's a security operator.
959
00:31:42,320 --> 00:31:44,320
And if an agent can approve policy changes,
960
00:31:44,320 --> 00:31:45,800
it's a governance decision maker.
961
00:31:45,800 --> 00:31:48,320
But most organizations are treating agents like software tools.
962
00:31:48,320 --> 00:31:49,040
They are not tools.
963
00:31:49,040 --> 00:31:51,320
They are high-privileged operational entities.
964
00:31:51,320 --> 00:31:53,680
The moment your agent moves from assistive to semi-autonomous,
965
00:31:53,680 --> 00:31:54,520
it crosses the line.
966
00:31:54,520 --> 00:31:55,960
It's no longer a tool you're using.
967
00:31:55,960 --> 00:31:57,840
It's an autonomous entity making decisions
968
00:31:57,840 --> 00:31:59,720
that affect your entire environment.
969
00:31:59,720 --> 00:32:01,440
Because of the shift, you have to treat it
970
00:32:01,440 --> 00:32:03,160
like a privileged identity.
971
00:32:03,160 --> 00:32:05,480
Think about what an agent needs to actually work.
972
00:32:05,480 --> 00:32:07,840
A phishing triage agent needs to read emails.
973
00:32:07,840 --> 00:32:10,280
Pull threat intelligence and make quarantine decisions.
974
00:32:10,280 --> 00:32:11,520
That is significant access.
975
00:32:11,520 --> 00:32:14,600
It's reading sensitive data and executing containment actions.
976
00:32:14,600 --> 00:32:16,480
In a traditional model, you would never
977
00:32:16,480 --> 00:32:19,360
grant that much power to one human without monitoring them.
978
00:32:19,360 --> 00:32:21,200
But agents often get broad permissions
979
00:32:21,200 --> 00:32:24,840
because people think of them as software, not as identities.
980
00:32:24,840 --> 00:32:27,560
The governance framework for agents starts with identity.
981
00:32:27,560 --> 00:32:30,520
The agent needs its own identity in Entra ID.
982
00:32:30,520 --> 00:32:32,480
It shouldn't operate as a shared service account.
983
00:32:32,480 --> 00:32:34,200
It shouldn't borrow permissions from a user.
984
00:32:34,200 --> 00:32:35,400
It needs its own audit trail.
985
00:32:35,400 --> 00:32:36,840
It needs its own life cycle.
986
00:32:36,840 --> 00:32:39,680
You create the identity when the agent is deployed
987
00:32:39,680 --> 00:32:42,040
and you deprovision it when the agent is retired.
988
00:32:42,040 --> 00:32:45,160
Once the agent has an identity, you apply least privilege.
989
00:32:45,160 --> 00:32:46,960
The agent only gets access to the systems
990
00:32:46,960 --> 00:32:48,560
it needs for its specific job.
991
00:32:48,560 --> 00:32:52,080
A phishing agent doesn't need to see EDR data or identity logs.
992
00:32:52,080 --> 00:32:55,240
It needs email metadata and quarantine capabilities.
993
00:32:55,240 --> 00:32:55,760
That's it.
994
00:32:55,760 --> 00:32:57,560
Every deployment should start with a conversation
995
00:32:57,560 --> 00:33:00,160
about what is necessary, not what is convenient.
996
00:33:00,160 --> 00:33:01,840
Guardrails define the policy boundary.
997
00:33:01,840 --> 00:33:04,760
They decide what the agent does alone and what requires a human.
998
00:33:04,760 --> 00:33:06,280
Can it close tickets? Yes.
999
00:33:06,280 --> 00:33:08,360
Can it quarantine emails? Yes.
1000
00:33:08,360 --> 00:33:10,680
Can it disable user accounts? No.
1001
00:33:10,680 --> 00:33:12,440
High stakes actions need friction.
1002
00:33:12,440 --> 00:33:15,200
The guardrails are calibrated to match the cost of failure.
1003
00:33:15,200 --> 00:33:16,800
Logging is non-negotiable.
1004
00:33:16,800 --> 00:33:18,880
Every action the agent takes must be recorded
1005
00:33:18,880 --> 00:33:20,360
in your security audit system.
1006
00:33:20,360 --> 00:33:22,560
What did it do? When? Why?
1007
00:33:22,560 --> 00:33:24,160
If the agent starts misbehaving,
1008
00:33:24,160 --> 00:33:26,920
the audit trail shows you exactly where it went wrong.
1009
00:33:26,920 --> 00:33:28,840
Then you close the loop with feedback.
1010
00:33:28,840 --> 00:33:31,520
When analysts override an agent, that data must be captured.
1011
00:33:31,520 --> 00:33:34,440
If the override rate is high, it's a diagnostic signal.
1012
00:33:34,440 --> 00:33:36,320
It means your guardrails are off.
1013
00:33:36,320 --> 00:33:37,640
Or your agent isn't ready.
1014
00:33:37,640 --> 00:33:39,040
The shift in thinking is fundamental.
1015
00:33:39,040 --> 00:33:40,920
You aren't asking if the tool is secure.
1016
00:33:40,920 --> 00:33:43,080
You're asking if the agent is operating within policy.
1017
00:33:43,080 --> 00:33:45,000
Most organizations haven't built this yet.
1018
00:33:45,000 --> 00:33:47,160
But the teams that move fast on governance
1019
00:33:47,160 --> 00:33:49,600
are the ones who can safely move fast on autonomy.
1020
00:33:49,600 --> 00:33:50,960
Good governance enables trust
1021
00:33:50,960 --> 00:33:52,600
and trust is what allows you to scale.
1022
00:33:52,600 --> 00:33:55,080
The autonomy spectrum from assistive to autonomous.
1023
00:33:55,080 --> 00:33:57,160
Autonomy isn't binary. It's a spectrum.
1024
00:33:57,160 --> 00:33:59,480
The question isn't whether your agents should be autonomous.
1025
00:33:59,480 --> 00:34:01,640
It's which tasks belong at which level.
1026
00:34:01,640 --> 00:34:03,480
At level one, you are in assistive mode.
1027
00:34:03,480 --> 00:34:04,800
The agent suggests an action.
1028
00:34:04,800 --> 00:34:05,800
A human approves it.
1029
00:34:05,800 --> 00:34:08,680
The overhead here is high because every single determination
1030
00:34:08,680 --> 00:34:10,320
requires a human click.
1031
00:34:10,320 --> 00:34:11,440
You aren't scaling detection.
1032
00:34:11,440 --> 00:34:13,080
You're just scaling a review queue.
1033
00:34:13,080 --> 00:34:15,080
Level two introduces confidence scoring.
1034
00:34:15,080 --> 00:34:16,640
The agent tells you how sure it is.
1035
00:34:16,640 --> 00:34:19,320
If confidence is at 94%, maybe you skip the review.
1036
00:34:19,320 --> 00:34:21,520
If it's at 70%, you investigate.
1037
00:34:21,520 --> 00:34:23,680
This allows analysts to focus their attention
1038
00:34:23,680 --> 00:34:25,000
where it actually matters.
1039
00:34:25,000 --> 00:34:26,600
Level three is conditional autonomy.
1040
00:34:26,600 --> 00:34:29,000
The agent executes low risk actions without waiting.
1041
00:34:29,000 --> 00:34:30,080
It quarantines an email.
1042
00:34:30,080 --> 00:34:31,200
It closes a benign alert.
1043
00:34:31,200 --> 00:34:32,480
These actions are reversible.
1044
00:34:32,480 --> 00:34:34,520
So the risk is low, but high stakes calls,
1045
00:34:34,520 --> 00:34:36,280
like isolating a critical server.
1046
00:34:36,280 --> 00:34:37,280
Still go to a human.
1047
00:34:37,280 --> 00:34:40,160
This is where most organizations should start.
1048
00:34:40,160 --> 00:34:42,400
Level four is full autonomy within guardrails.
1049
00:34:42,400 --> 00:34:44,720
The agent runs the entire workflow end-to-end.
1050
00:34:44,720 --> 00:34:47,880
It ingests, enriches, and executes.
1051
00:34:47,880 --> 00:34:50,920
Humans monitor the outcomes and review the logs afterward.
1052
00:34:50,920 --> 00:34:52,440
But they aren't in the approval loop.
1053
00:34:52,440 --> 00:34:54,440
This requires ironclad guardrails.
1054
00:34:54,440 --> 00:34:56,600
Most organizations progress through this spectrum
1055
00:34:56,600 --> 00:34:58,000
as confidence builds.
1056
00:34:58,000 --> 00:35:00,400
You start at level one and watch the suggestions.
1057
00:35:00,400 --> 00:35:02,480
After a month, you might see that you only override
1058
00:35:02,480 --> 00:35:05,720
5% of the agent's calls, so you move to level two.
1059
00:35:05,720 --> 00:35:07,680
Then, as the judgment proves reliable,
1060
00:35:07,680 --> 00:35:08,880
you move to level three.
1061
00:35:08,880 --> 00:35:11,080
But autonomy isn't one size fits all.
1062
00:35:11,080 --> 00:35:13,320
Phishing triage can reach level four quickly
1063
00:35:13,320 --> 00:35:15,200
because the cost of a mistake is low.
1064
00:35:15,200 --> 00:35:17,640
Identity policy changes might stay at level two.
1065
00:35:17,640 --> 00:35:19,760
Because a mistake there disrupts the whole business.
1066
00:35:19,760 --> 00:35:21,040
The accelerant is feedback.
1067
00:35:21,040 --> 00:35:22,920
Every time an analyst corrects an agent,
1068
00:35:22,920 --> 00:35:25,640
the system learns. You don't wait for the agent to be perfect.
1069
00:35:25,640 --> 00:35:27,520
You let it run on low-risk tasks.
1070
00:35:27,520 --> 00:35:29,840
And you expand its reach as the accuracy climbs.
1071
00:35:29,840 --> 00:35:31,720
Human judgment doesn't disappear here.
1072
00:35:31,720 --> 00:35:32,600
It shifts.
1073
00:35:32,600 --> 00:35:35,480
You stop clicking approve on thousands of routine tasks.
1074
00:35:35,480 --> 00:35:37,480
Instead, you validate the guardrails.
1075
00:35:37,480 --> 00:35:38,600
You handle the exceptions.
1076
00:35:38,600 --> 00:35:41,560
That is a much better use of human expertise.
1077
00:35:41,560 --> 00:35:44,480
M-Dash, the security harness architecture.
1078
00:35:44,480 --> 00:35:46,320
M-Dash isn't a security tool.
1079
00:35:46,320 --> 00:35:47,640
That's the first thing to understand.
1080
00:35:47,640 --> 00:35:48,600
It's a framework.
1081
00:35:48,600 --> 00:35:50,920
It is an orchestration architecture designed
1082
00:35:50,920 --> 00:35:53,720
to move security analysis away from the old monolithic model
1083
00:35:53,720 --> 00:35:55,240
where one agent tries to do everything.
1084
00:35:55,240 --> 00:35:57,600
Instead, it uses a distributed pipeline.
1085
00:35:57,600 --> 00:35:59,800
You have different specialized agents operating
1086
00:35:59,800 --> 00:36:01,600
on different stages of the same problem.
1087
00:36:01,600 --> 00:36:02,720
They work independently.
1088
00:36:02,720 --> 00:36:03,920
They work in parallel.
1089
00:36:03,920 --> 00:36:06,280
The framework consists of five distinct stages.
1090
00:36:06,280 --> 00:36:07,760
Don't think of it like a production line.
1091
00:36:07,760 --> 00:36:09,480
Think of it as a scientific process
1092
00:36:09,480 --> 00:36:11,560
where every stage has its own methodology,
1093
00:36:11,560 --> 00:36:14,120
its own agents and its own success criteria.
1094
00:36:14,120 --> 00:36:15,560
Because the stages are independent,
1095
00:36:15,560 --> 00:36:17,480
you can improve one without breaking the others.
1096
00:36:17,480 --> 00:36:18,800
You can swap out agents.
1097
00:36:18,800 --> 00:36:20,680
You can refine the criteria that move work
1098
00:36:20,680 --> 00:36:22,160
from one stage to the next.
1099
00:36:22,160 --> 00:36:24,080
The entire system is modular by design.
1100
00:36:24,080 --> 00:36:25,920
The first stage is prepare.
1101
00:36:25,920 --> 00:36:27,800
This isn't where you analyze vulnerabilities.
1102
00:36:27,800 --> 00:36:29,280
This is where you understand the target.
1103
00:36:29,280 --> 00:36:30,320
You build threat models.
1104
00:36:30,320 --> 00:36:31,640
You map the attack surface.
1105
00:36:31,640 --> 00:36:33,240
You figure out what an attacker can actually
1106
00:36:33,240 --> 00:36:35,000
reach with external input.
1107
00:36:35,000 --> 00:36:37,560
Agents in this stage aren't looking for bugs yet.
1108
00:36:37,560 --> 00:36:39,560
They are building a representation of the system
1109
00:36:39,560 --> 00:36:41,000
that actually matters.
1110
00:36:41,000 --> 00:36:42,600
They ask, what are the entry points?
1111
00:36:42,600 --> 00:36:44,280
Where does untrusted data flow?
1112
00:36:44,280 --> 00:36:46,920
Which code regions are even reachable from the outside?
1113
00:36:46,920 --> 00:36:48,880
This stage produces a prioritized map
1114
00:36:48,880 --> 00:36:50,480
of what is worth analyzing.
1115
00:36:50,480 --> 00:36:52,040
It eliminates the noise of looking at code
1116
00:36:52,040 --> 00:36:53,720
that isn't even exposed to attackers.
1117
00:36:53,720 --> 00:36:55,200
Scan is the second stage.
1118
00:36:55,200 --> 00:36:57,520
This is where auditor agents do pattern recognition.
1119
00:36:57,520 --> 00:36:59,360
They search for known vulnerability signatures
1120
00:36:59,360 --> 00:37:01,120
and look for unsafe operations.
1121
00:37:01,120 --> 00:37:03,480
They identify code that matches the characteristics
1122
00:37:03,480 --> 00:37:04,560
of previous bugs.
1123
00:37:04,560 --> 00:37:06,320
This stage generates candidates.
1124
00:37:06,320 --> 00:37:07,720
Possible vulnerabilities.
1125
00:37:07,720 --> 00:37:09,040
Not confirmed findings.
1126
00:37:09,040 --> 00:37:10,760
The volume coming out of this stage is high
1127
00:37:10,760 --> 00:37:12,280
because the agents aren't being careful.
1128
00:37:12,280 --> 00:37:13,120
They are being broad.
1129
00:37:13,120 --> 00:37:15,560
They find everything that looks remotely suspicious.
1130
00:37:15,560 --> 00:37:16,400
The reasoning is simple.
1131
00:37:16,400 --> 00:37:18,400
It's better to generate noise and filter it downstream
1132
00:37:18,400 --> 00:37:21,080
than to miss a vulnerability by being too conservative.
1133
00:37:21,080 --> 00:37:22,520
Validate is the third stage.
1134
00:37:22,520 --> 00:37:24,880
This is where the work from section 9 comes in.
1135
00:37:24,880 --> 00:37:26,560
But here is what matters structurally.
1136
00:37:26,560 --> 00:37:28,840
It's a distinct stage with its own set of agents.
1137
00:37:28,840 --> 00:37:30,440
These agents don't generate candidates.
1138
00:37:30,440 --> 00:37:31,280
They receive them.
1139
00:37:31,280 --> 00:37:32,600
They critique the findings.
1140
00:37:32,600 --> 00:37:33,560
They test the reasoning.
1141
00:37:33,560 --> 00:37:35,080
They challenge every assumption.
1142
00:37:35,080 --> 00:37:36,800
They ask whether the proposed vulnerability
1143
00:37:36,800 --> 00:37:39,360
is actually exploitable or if there are mitigations
1144
00:37:39,360 --> 00:37:40,560
that make it irrelevant.
1145
00:37:40,560 --> 00:37:42,600
The validator agents aren't helping the auditors.
1146
00:37:42,600 --> 00:37:43,600
They are questioning them.
1147
00:37:43,600 --> 00:37:46,240
That structural separation where auditors generate
1148
00:37:46,240 --> 00:37:50,080
and validators critique is what creates adversarial scrutiny.
1149
00:37:50,080 --> 00:37:52,280
Deduplicate is the stage people often miss.
1150
00:37:52,280 --> 00:37:55,200
Most scanners dump findings without caring if finding five
1151
00:37:55,200 --> 00:37:57,040
is actually the same bug as finding one.
1152
00:37:57,040 --> 00:37:58,680
M-Dash uses semantic clustering.
1153
00:37:58,680 --> 00:38:00,280
It looks at findings holistically.
1154
00:38:00,280 --> 00:38:02,200
It asks, are these reports describing
1155
00:38:02,200 --> 00:38:04,840
the same underlying vulnerability from different angles?
1156
00:38:04,840 --> 00:38:07,680
Are they the same code location or different locations?
1157
00:38:07,680 --> 00:38:09,280
Deduplication reduces the noise
1158
00:38:09,280 --> 00:38:11,360
before it ever reaches the security team.
1159
00:38:11,360 --> 00:38:14,520
It ensures that the team sees each actual vulnerability once,
1160
00:38:14,520 --> 00:38:17,760
clearly, instead of seeing it repeated a dozen different ways.
1161
00:38:17,760 --> 00:38:19,320
Proof is the final stage.
1162
00:38:19,320 --> 00:38:21,120
This is where theory meets reality.
1163
00:38:21,120 --> 00:38:24,200
Prover agents attempt to generate proof-of-concept exploits.
1164
00:38:24,200 --> 00:38:26,200
They ask, can you actually trigger this?
1165
00:38:26,200 --> 00:38:27,440
Can you make the system crash?
1166
00:38:27,440 --> 00:38:28,680
Can you execute code?
1167
00:38:28,680 --> 00:38:29,920
These agents don't speculate.
1168
00:38:29,920 --> 00:38:31,880
They write actual attack code and they run it.
1169
00:38:31,880 --> 00:38:34,000
They instrument the system to watch what happens.
1170
00:38:34,000 --> 00:38:36,600
They validate that the vulnerability is reproducible,
1171
00:38:36,600 --> 00:38:39,440
not just a theoretical edge case that never actually occurs.
1172
00:38:39,440 --> 00:38:41,800
When a vulnerability survives the proof stage,
1173
00:38:41,800 --> 00:38:44,840
it's a finding the security team can act on with confidence.
1174
00:38:44,840 --> 00:38:47,120
The power of this architecture is modularity.
1175
00:38:47,120 --> 00:38:48,800
If you want to improve the scan stage,
1176
00:38:48,800 --> 00:38:51,160
you can experiment with different agent configurations
1177
00:38:51,160 --> 00:38:53,120
without touching validate or proof.
1178
00:38:53,120 --> 00:38:55,600
If you discover a better way to cluster findings,
1179
00:38:55,600 --> 00:38:57,440
you improve deduplicate independently.
1180
00:38:57,440 --> 00:38:59,960
Each stage can evolve without breaking the pipeline
1181
00:38:59,960 --> 00:39:02,680
and this design principle scales far beyond vulnerability
1182
00:39:02,680 --> 00:39:03,480
discovery.
1183
00:39:03,480 --> 00:39:05,960
The same five stage logic applies to alert triage.
1184
00:39:05,960 --> 00:39:08,960
Prepare builds context, scan flags potential issues,
1185
00:39:08,960 --> 00:39:10,560
validate scrutinizes findings,
1186
00:39:10,560 --> 00:39:12,120
deduplicate removes the repeats,
1187
00:39:12,120 --> 00:39:13,680
prove confirms the actual risk,
1188
00:39:13,680 --> 00:39:16,640
different agents, same orchestration principle.
1189
00:39:16,640 --> 00:39:18,480
The architecture is generalizable.
1190
00:39:18,480 --> 00:39:21,160
Most importantly, modularity creates resilience.
1191
00:39:21,160 --> 00:39:23,080
Traditional security tools are monolithic.
1192
00:39:23,080 --> 00:39:25,920
If one component fails, the whole thing degrades.
1193
00:39:25,920 --> 00:39:28,000
The agentic framework lets you remove,
1194
00:39:28,000 --> 00:39:30,880
replace or improve components independently.
1195
00:39:30,880 --> 00:39:33,080
You aren't betting your entire detection strategy
1196
00:39:33,080 --> 00:39:34,880
on one model or one approach.
1197
00:39:34,880 --> 00:39:37,200
You are distributing risk across specialized agents.
1198
00:39:37,200 --> 00:39:38,800
That is structural security.
1199
00:39:38,800 --> 00:39:41,040
Why validation matters more than detection.
1200
00:39:41,040 --> 00:39:42,400
The industry got this backward.
1201
00:39:42,400 --> 00:39:43,680
We obsess over detection.
1202
00:39:43,680 --> 00:39:44,640
We build detectors.
1203
00:39:44,640 --> 00:39:45,880
We measure detection rates.
1204
00:39:45,880 --> 00:39:47,800
We celebrate when we find more things.
1205
00:39:47,800 --> 00:39:49,400
But detection is the easy part.
1206
00:39:49,400 --> 00:39:51,880
Validation is what matters.
1207
00:39:51,880 --> 00:39:54,640
A traditional static analysis tool scans a code base
1208
00:39:54,640 --> 00:39:56,920
and runs pattern matching against the code.
1209
00:39:56,920 --> 00:39:58,440
It finds things that look suspicious.
1210
00:39:58,440 --> 00:40:00,840
It generates a report with 10,000 findings.
1211
00:40:00,840 --> 00:40:03,560
All of them are flagged as potential vulnerabilities.
1212
00:40:03,560 --> 00:40:04,960
All of them have the same urgency.
1213
00:40:04,960 --> 00:40:07,120
Now you've created a problem that is actually worse
1214
00:40:07,120 --> 00:40:08,680
than the one you are trying to solve.
1215
00:40:08,680 --> 00:40:10,920
You've taken complexity and you've multiplied it.
1216
00:40:10,920 --> 00:40:14,600
A security engineer opens that report and sees 10,000 items.
1217
00:40:14,600 --> 00:40:16,000
They have no idea which ones matter.
1218
00:40:16,000 --> 00:40:18,080
Some are real, most are false positives.
1219
00:40:18,080 --> 00:40:19,560
The engineer closes the report.
1220
00:40:19,560 --> 00:40:21,400
They don't have time to dig through the noise.
1221
00:40:21,400 --> 00:40:23,200
That's the detection trap.
1222
00:40:23,200 --> 00:40:25,120
More detection doesn't equal better security.
1223
00:40:25,120 --> 00:40:26,240
It equals more noise.
1224
00:40:26,240 --> 00:40:28,040
Validation is the inverse.
1225
00:40:28,040 --> 00:40:31,040
Validation says, I found something that looks suspicious.
1226
00:40:31,040 --> 00:40:32,880
Now let me prove it's actually exploitable,
1227
00:40:32,880 --> 00:40:34,440
not theoretically, actually.
1228
00:40:34,440 --> 00:40:35,280
Can I trigger it?
1229
00:40:35,280 --> 00:40:37,200
Can I make it fail in a way that matters?
1230
00:40:37,200 --> 00:40:40,080
Does it grant access, corrupt data, or execute code?
1231
00:40:40,080 --> 00:40:42,080
Or is there a mitigation that prevents the attack
1232
00:40:42,080 --> 00:40:44,440
even if the code is technically vulnerable?
1233
00:40:44,440 --> 00:40:46,920
The cost structure between detection and validation
1234
00:40:46,920 --> 00:40:48,360
explains why this matters.
1235
00:40:48,360 --> 00:40:49,440
Detection is cheap.
1236
00:40:49,440 --> 00:40:52,520
You scan the code, match patterns, and flag candidates.
1237
00:40:52,520 --> 00:40:53,440
It's done in seconds.
1238
00:40:53,440 --> 00:40:54,960
Validation is expensive.
1239
00:40:54,960 --> 00:40:56,400
You have to understand context.
1240
00:40:56,400 --> 00:40:58,240
You have to reason about reachability.
1241
00:40:58,240 --> 00:41:00,560
You have to construct and execute test cases.
1242
00:41:00,560 --> 00:41:03,000
You have to instrument the system and watch what happens.
1243
00:41:03,000 --> 00:41:05,200
That expense is why most tools skip validation.
1244
00:41:05,200 --> 00:41:06,880
They just detect and dump findings,
1245
00:41:06,880 --> 00:41:08,600
but that cost structure is backward.
1246
00:41:08,600 --> 00:41:11,120
The expensive part should happen once at analysis time
1247
00:41:11,120 --> 00:41:12,080
by the machine.
1248
00:41:12,080 --> 00:41:14,040
The cheap part, reviewing the findings,
1249
00:41:14,040 --> 00:41:16,080
should scale to zero human involvement.
1250
00:41:16,080 --> 00:41:17,680
Instead, we've built the opposite.
1251
00:41:17,680 --> 00:41:19,440
We generate cheap findings and make humans
1252
00:41:19,440 --> 00:41:20,920
do the expensive validation.
1253
00:41:20,920 --> 00:41:22,240
We've inverted the economics.
1254
00:41:22,240 --> 00:41:24,080
M-dash inverts it back.
1255
00:41:24,080 --> 00:41:26,120
The machine does the expensive validation.
1256
00:41:26,120 --> 00:41:28,520
The humans review findings that have already survived
1257
00:41:28,520 --> 00:41:29,840
skeptical scrutiny.
1258
00:41:29,840 --> 00:41:32,400
The machine says, I found a vulnerability.
1259
00:41:32,400 --> 00:41:35,520
Here is how to exploit it, and here is the proof of concept.
1260
00:41:35,520 --> 00:41:37,280
The human reviews that with confidence
1261
00:41:37,280 --> 00:41:39,240
because the machine has already done the hard work
1262
00:41:39,240 --> 00:41:40,760
of proving exploitability.
1263
00:41:40,760 --> 00:41:42,400
Here is the real world impact.
1264
00:41:42,400 --> 00:41:45,040
M-dash found 16 Windows vulnerabilities.
1265
00:41:45,040 --> 00:41:47,880
16, not 16,000, not 16,00.
1266
00:41:47,880 --> 00:41:50,880
16. 4 of them were critical remote code execution flaws.
1267
00:41:50,880 --> 00:41:52,200
These aren't theoretical findings.
1268
00:41:52,200 --> 00:41:54,240
These are real exploitable bugs in a system
1269
00:41:54,240 --> 00:41:56,960
that had been analyzed by traditional tools countless times.
1270
00:41:56,960 --> 00:41:58,960
What changed wasn't the detection capability.
1271
00:41:58,960 --> 00:42:01,120
Windows code wasn't hiding from scanners.
1272
00:42:01,120 --> 00:42:02,720
What changed was validation.
1273
00:42:02,720 --> 00:42:04,800
The system validated that the suspicious patterns
1274
00:42:04,800 --> 00:42:06,320
it found were actually exploitable.
1275
00:42:06,320 --> 00:42:08,120
It proved they weren't false positives.
1276
00:42:08,120 --> 00:42:10,520
It eliminated the noise and surfaced the signal.
1277
00:42:10,520 --> 00:42:12,000
Compare that to traditional results.
1278
00:42:12,000 --> 00:42:15,440
A code scan generates a list where 90% is noise.
1279
00:42:15,440 --> 00:42:17,360
An engineer has to sift through 100 items
1280
00:42:17,360 --> 00:42:19,280
just to find one real vulnerability.
1281
00:42:19,280 --> 00:42:21,640
The engineer gets tired, they start ignoring findings.
1282
00:42:21,640 --> 00:42:24,040
The signal gets buried, confidence erodes.
1283
00:42:24,040 --> 00:42:25,440
The tool becomes useless.
1284
00:42:25,440 --> 00:42:28,080
This principle scales directly to SOC operations.
1285
00:42:28,080 --> 00:42:30,200
A phishing triage agent isn't valuable
1286
00:42:30,200 --> 00:42:31,840
because it detects a lot of emails.
1287
00:42:31,840 --> 00:42:33,400
It's valuable because it validates
1288
00:42:33,400 --> 00:42:35,080
which ones are actually malicious.
1289
00:42:35,080 --> 00:42:36,680
An EDR alert agent isn't useful
1290
00:42:36,680 --> 00:42:38,680
because it flags suspicious processes.
1291
00:42:38,680 --> 00:42:40,120
It's useful because it validates
1292
00:42:40,120 --> 00:42:41,960
which ones actually warrant escalation.
1293
00:42:41,960 --> 00:42:43,360
The agent does the expensive work.
1294
00:42:43,360 --> 00:42:45,760
The reasoning, the context, the validation.
1295
00:42:45,760 --> 00:42:47,840
The human reviews the validated findings.
1296
00:42:47,840 --> 00:42:50,480
The bottleneck in modern security isn't finding problems.
1297
00:42:50,480 --> 00:42:52,320
It's validating which problems matter.
1298
00:42:52,320 --> 00:42:54,600
An organization drowning in alerts isn't drowning
1299
00:42:54,600 --> 00:42:55,960
because detection is failing.
1300
00:42:55,960 --> 00:42:58,040
It's drowning because validation is missing.
1301
00:42:58,040 --> 00:42:59,560
Traditional tools detect.
1302
00:42:59,560 --> 00:43:01,320
Agentic systems detect and validate.
1303
00:43:01,320 --> 00:43:02,680
That is the architectural difference.
1304
00:43:02,680 --> 00:43:04,640
That is why the signal to noise ratio
1305
00:43:04,640 --> 00:43:06,120
changes so dramatically.
1306
00:43:06,120 --> 00:43:08,600
It's why analysts can actually work with the findings
1307
00:43:08,600 --> 00:43:10,080
instead of being buried by them.
1308
00:43:10,080 --> 00:43:11,800
Validation is harder than detection.
1309
00:43:11,800 --> 00:43:12,880
It's also more valuable.
1310
00:43:12,880 --> 00:43:15,440
That's why it is the foundation of agentic defense.
1311
00:43:15,440 --> 00:43:16,760
The feedback loop.
1312
00:43:16,760 --> 00:43:18,480
How agents learn from humans.
1313
00:43:18,480 --> 00:43:20,560
The moment an analyst overrides an agent,
1314
00:43:20,560 --> 00:43:21,760
something important happens,
1315
00:43:21,760 --> 00:43:23,680
the agent doesn't just accept the correction.
1316
00:43:23,680 --> 00:43:24,720
It captures the gap.
1317
00:43:24,720 --> 00:43:26,000
It looks at what it suggested
1318
00:43:26,000 --> 00:43:27,800
versus what the analyst actually chose.
1319
00:43:27,800 --> 00:43:29,240
That gap is training data.
1320
00:43:29,240 --> 00:43:30,640
And that's how the agent improves.
1321
00:43:30,640 --> 00:43:32,920
Most organizations get this relationship backward.
1322
00:43:32,920 --> 00:43:35,240
They think they're just using agents to get work done,
1323
00:43:35,240 --> 00:43:37,440
but in reality, once you deploy an agent
1324
00:43:37,440 --> 00:43:39,120
at these levels, you're training it.
1325
00:43:39,120 --> 00:43:40,800
Every override is a lesson.
1326
00:43:40,800 --> 00:43:42,480
Every silent approval is reinforcement.
1327
00:43:42,480 --> 00:43:44,120
The agent isn't just running a script.
1328
00:43:44,120 --> 00:43:46,520
It's learning your specific patterns, your context,
1329
00:43:46,520 --> 00:43:47,840
and your risk tolerance.
1330
00:43:47,840 --> 00:43:50,600
Think about how this works in a real triage scenario.
1331
00:43:50,600 --> 00:43:52,000
A phishing agent flags an email
1332
00:43:52,000 --> 00:43:54,480
because the headers look forged and the domain is new.
1333
00:43:54,480 --> 00:43:57,400
Traditional indicators say this is a high risk attack.
1334
00:43:57,400 --> 00:43:59,000
But the analyst recognizes the message.
1335
00:43:59,000 --> 00:44:00,240
It's from a payroll processor
1336
00:44:00,240 --> 00:44:02,200
that uses a secondary domain.
1337
00:44:02,200 --> 00:44:04,880
The analyst overrides the agent and marks it as benign.
1338
00:44:04,880 --> 00:44:06,200
They don't just click a button.
1339
00:44:06,200 --> 00:44:08,760
They provide context, explaining that this is a trusted
1340
00:44:08,760 --> 00:44:11,160
provider even if the sender looks irregular.
1341
00:44:11,160 --> 00:44:13,840
The agent learns two things from that single interaction.
1342
00:44:13,840 --> 00:44:16,040
First, it learns that this specific sender
1343
00:44:16,040 --> 00:44:17,640
is safe in your environment.
1344
00:44:17,640 --> 00:44:19,200
Second, it learns a broader category.
1345
00:44:19,200 --> 00:44:20,960
Legacy vendors with legitimate reasons
1346
00:44:20,960 --> 00:44:22,360
to send weird emails.
1347
00:44:22,360 --> 00:44:24,400
The agent starts recognizing those patterns.
1348
00:44:24,400 --> 00:44:26,040
It stops flagging them as high risk.
1349
00:44:26,040 --> 00:44:27,520
The general detection still works.
1350
00:44:27,520 --> 00:44:29,400
But now it's calibrated to your organization
1351
00:44:29,400 --> 00:44:30,640
instead of running blind.
1352
00:44:30,640 --> 00:44:32,800
This happens at scale across thousands of analysts
1353
00:44:32,800 --> 00:44:34,360
and thousands of overrides.
1354
00:44:34,360 --> 00:44:36,360
One person marks a sender as trusted.
1355
00:44:36,360 --> 00:44:38,560
Another identifies a common language pattern.
1356
00:44:38,560 --> 00:44:40,560
A third explains that the CEO sends emails
1357
00:44:40,560 --> 00:44:41,760
from a traveling account.
1358
00:44:41,760 --> 00:44:43,880
The agent absorbs all of these signals.
1359
00:44:43,880 --> 00:44:46,400
It's no longer learning from a static training set.
1360
00:44:46,400 --> 00:44:48,440
It's learning from your live environment.
1361
00:44:48,440 --> 00:44:50,880
And this creates a significant psychological shift.
1362
00:44:50,880 --> 00:44:53,040
Analysts aren't just processing alerts anymore.
1363
00:44:53,040 --> 00:44:53,840
They're trainers.
1364
00:44:53,840 --> 00:44:56,480
Their corrections are the most valuable data the agent gets
1365
00:44:56,480 --> 00:44:58,480
because that data is grounded in real context
1366
00:44:58,480 --> 00:45:00,320
that no generic model contains.
1367
00:45:00,320 --> 00:45:02,360
That role transformation changes how people feel
1368
00:45:02,360 --> 00:45:03,400
about their work.
1369
00:45:03,400 --> 00:45:06,120
Instead of racing against a never-ending pile of alerts,
1370
00:45:06,120 --> 00:45:08,360
they're actively shaping how their tools behave.
1371
00:45:08,360 --> 00:45:09,240
It's less exhausting.
1372
00:45:09,240 --> 00:45:10,640
It's more meaningful.
1373
00:45:10,640 --> 00:45:11,440
But here's the problem.
1374
00:45:11,440 --> 00:45:13,480
If you don't monitor these feedback patterns,
1375
00:45:13,480 --> 00:45:15,120
agents learn the wrong lessons.
1376
00:45:15,120 --> 00:45:17,320
This is where encoded bias starts to creep in.
1377
00:45:17,320 --> 00:45:19,240
Maybe analysts override agents more often
1378
00:45:19,240 --> 00:45:20,280
for certain user groups.
1379
00:45:20,280 --> 00:45:22,800
The agent might learn to be more trusting of those groups,
1380
00:45:22,800 --> 00:45:24,240
even if that wasn't the intention,
1381
00:45:24,240 --> 00:45:27,040
or maybe overrides cluster around certain shifts.
1382
00:45:27,040 --> 00:45:29,320
Encoding one person's inconsistent judgment
1383
00:45:29,320 --> 00:45:31,160
into the system's permanent behavior.
1384
00:45:31,160 --> 00:45:32,560
That's why drift detection matters.
1385
00:45:32,560 --> 00:45:34,760
You aren't just watching the agent's accuracy.
1386
00:45:34,760 --> 00:45:36,760
You're watching what the agent is learning from the humans.
1387
00:45:36,760 --> 00:45:38,960
The organization that wins is the one that treats
1388
00:45:38,960 --> 00:45:40,720
this loop as a critical process.
1389
00:45:40,720 --> 00:45:42,920
They don't just let analysts make random overrides.
1390
00:45:42,920 --> 00:45:45,000
They collect, analyze, and audit those changes
1391
00:45:45,000 --> 00:45:46,840
to see what the agent is actually becoming.
1392
00:45:46,840 --> 00:45:47,880
They catch drift early.
1393
00:45:47,880 --> 00:45:49,760
They prevent organizational blind spots
1394
00:45:49,760 --> 00:45:51,440
from becoming part of the code.
1395
00:45:51,440 --> 00:45:54,080
This depth of learning is what transforms a generic tool
1396
00:45:54,080 --> 00:45:55,680
into an adaptive system.
1397
00:45:55,680 --> 00:45:57,760
An agent from a vendor is just a product.
1398
00:45:57,760 --> 00:46:00,840
An agent trained by your feedback loop is a custom asset.
1399
00:46:00,840 --> 00:46:02,480
It becomes more valuable every month
1400
00:46:02,480 --> 00:46:04,160
as that feedback accumulates.
1401
00:46:04,160 --> 00:46:06,160
That compounding improvement is what eventually
1402
00:46:06,160 --> 00:46:07,760
justifies more autonomy.
1403
00:46:07,760 --> 00:46:10,040
The agent earns trust, not through a sales pitch,
1404
00:46:10,040 --> 00:46:13,200
but through demonstrated learning in your specific world.
1405
00:46:13,200 --> 00:46:15,000
The SOC role transformation.
1406
00:46:15,000 --> 00:46:17,800
The job of a Tier 1 SOC analyst, as we know it today,
1407
00:46:17,800 --> 00:46:19,000
won't exist in two years.
1408
00:46:19,000 --> 00:46:20,040
That's not a prediction.
1409
00:46:20,040 --> 00:46:21,680
It's a statement of architectural fact.
1410
00:46:21,680 --> 00:46:23,760
You cannot have human triage operators in a system
1411
00:46:23,760 --> 00:46:25,640
where agents handle millions of alerts.
1412
00:46:25,640 --> 00:46:26,640
The economics don't work.
1413
00:46:26,640 --> 00:46:27,640
The timing doesn't work.
1414
00:46:27,640 --> 00:46:28,600
So the job transforms.
1415
00:46:28,600 --> 00:46:29,680
Tier 1 doesn't disappear.
1416
00:46:29,680 --> 00:46:31,600
It evolves into agent supervision.
1417
00:46:31,600 --> 00:46:33,240
Instead of clicking through alerts,
1418
00:46:33,240 --> 00:46:35,360
analysts manage agent behavior.
1419
00:46:35,360 --> 00:46:37,240
They watch what the agents are deciding.
1420
00:46:37,240 --> 00:46:39,520
They provide feedback when the logic misses the mark.
1421
00:46:39,520 --> 00:46:40,880
They handle the exceptions.
1422
00:46:40,880 --> 00:46:42,720
The cases where the agent's confidence was low
1423
00:46:42,720 --> 00:46:44,680
and human judgment is the only way forward.
1424
00:46:44,680 --> 00:46:46,440
The work shifts from executing tasks
1425
00:46:46,440 --> 00:46:48,440
to validating how the system performs them.
1426
00:46:48,440 --> 00:46:50,160
That is a completely different role.
1427
00:46:50,160 --> 00:46:51,440
It requires different skills.
1428
00:46:51,440 --> 00:46:54,200
It requires people who understand not just what the agent did.
1429
00:46:54,200 --> 00:46:54,960
But why it did it?
1430
00:46:54,960 --> 00:46:56,320
This is where reading agent reasoning
1431
00:46:56,320 --> 00:46:57,840
becomes a core competency.
1432
00:46:57,840 --> 00:47:00,360
An analyst in this model needs to understand the logic chain.
1433
00:47:00,360 --> 00:47:02,480
They need to spot where the assumptions were wrong.
1434
00:47:02,480 --> 00:47:05,200
They have to recognize when an agent got lucky.
1435
00:47:05,200 --> 00:47:07,560
Reaching the right conclusion for the wrong reasons.
1436
00:47:07,560 --> 00:47:09,080
If you can't read an activity log
1437
00:47:09,080 --> 00:47:11,240
and understand the decision-making process,
1438
00:47:11,240 --> 00:47:12,400
you can't do the job.
1439
00:47:12,400 --> 00:47:14,240
Traditional credential checking and alert counting
1440
00:47:14,240 --> 00:47:15,600
won't get you hired anymore.
1441
00:47:15,600 --> 00:47:16,800
The baseline has moved.
1442
00:47:16,800 --> 00:47:18,440
Tier 2 transforms differently.
1443
00:47:18,440 --> 00:47:20,800
Instead of owning every deep investigation,
1444
00:47:20,800 --> 00:47:22,840
they become the architects of the process.
1445
00:47:22,840 --> 00:47:24,480
The agent handles the straightforward hunt.
1446
00:47:24,480 --> 00:47:26,080
Tier 2 handles the boundaries.
1447
00:47:26,080 --> 00:47:28,240
They step in when the situation is ambiguous
1448
00:47:28,240 --> 00:47:30,240
or requires a high-stakes judgment call.
1449
00:47:30,240 --> 00:47:33,000
But more importantly, tier 2 owns the tuning.
1450
00:47:33,000 --> 00:47:34,960
When an agent generates too many false positives,
1451
00:47:34,960 --> 00:47:36,680
Tier 2 diagnoses the root cause.
1452
00:47:36,680 --> 00:47:38,040
They adjust the guardrails.
1453
00:47:38,040 --> 00:47:39,120
They refine the prompts.
1454
00:47:39,120 --> 00:47:41,520
They add the organizational context the agent was missing.
1455
00:47:41,520 --> 00:47:43,720
They move from doing the work to optimizing
1456
00:47:43,720 --> 00:47:45,080
how the work gets done.
1457
00:47:45,080 --> 00:47:48,560
This shift requires a total fluency in how agents think.
1458
00:47:48,560 --> 00:47:50,720
A tier 2 analyst has to understand the training data
1459
00:47:50,720 --> 00:47:51,800
that shaped the model.
1460
00:47:51,800 --> 00:47:53,520
They have to see when feedback loops are causing
1461
00:47:53,520 --> 00:47:55,240
unintended changes in behavior.
1462
00:47:55,240 --> 00:47:57,160
They propose adjustments with the confidence
1463
00:47:57,160 --> 00:47:58,800
that the change will actually help.
1464
00:47:58,800 --> 00:48:00,360
This isn't traditional investigation.
1465
00:48:00,360 --> 00:48:02,200
It's security operations engineering.
1466
00:48:02,200 --> 00:48:05,160
Tier 3, the threat hunters and advanced analysts,
1467
00:48:05,160 --> 00:48:08,040
shift toward governance and detection engineering.
1468
00:48:08,040 --> 00:48:09,640
The quality of the agent is directly
1469
00:48:09,640 --> 00:48:11,400
tied to the quality of the detection.
1470
00:48:11,400 --> 00:48:13,400
Better detections lead to better decisions.
1471
00:48:13,400 --> 00:48:15,600
So tier 3 invests their time there.
1472
00:48:15,600 --> 00:48:16,400
They build the rules.
1473
00:48:16,400 --> 00:48:17,080
They test them.
1474
00:48:17,080 --> 00:48:20,240
They measure false positive rates as inputs for agent training.
1475
00:48:20,240 --> 00:48:22,280
They become the guardians of signal quality,
1476
00:48:22,280 --> 00:48:23,960
because without high quality signals,
1477
00:48:23,960 --> 00:48:25,520
the agents just inherit garbage.
1478
00:48:25,520 --> 00:48:28,680
This is where the organization's competitive advantage lives.
1479
00:48:28,680 --> 00:48:31,560
Tier 3 isn't just hunting for known threats anymore.
1480
00:48:31,560 --> 00:48:33,720
They're building the infrastructure that feeds
1481
00:48:33,720 --> 00:48:35,080
every agent in the system.
1482
00:48:35,080 --> 00:48:36,440
That is a massive responsibility.
1483
00:48:36,440 --> 00:48:39,360
It's also a massive opportunity for career growth.
1484
00:48:39,360 --> 00:48:41,960
New roles are already starting to emerge from this shift.
1485
00:48:41,960 --> 00:48:44,960
AI governance specialists who audit agent behavior,
1486
00:48:44,960 --> 00:48:47,760
agent architects who design how multiple systems coordinate,
1487
00:48:47,760 --> 00:48:50,000
prompt engineers who tune behavior through language.
1488
00:48:50,000 --> 00:48:51,360
These aren't brand new categories.
1489
00:48:51,360 --> 00:48:53,000
They're just crystallizing out of work
1490
00:48:53,000 --> 00:48:54,480
that used to happen by accident.
1491
00:48:54,480 --> 00:48:57,560
The career path for someone starting in security is flipping.
1492
00:48:57,560 --> 00:48:59,160
You don't start by processing alerts.
1493
00:48:59,160 --> 00:49:01,760
You start by understanding how automated systems behave.
1494
00:49:01,760 --> 00:49:03,960
You learn detection engineering on day one.
1495
00:49:03,960 --> 00:49:04,880
Then you specialize.
1496
00:49:04,880 --> 00:49:06,560
Maybe you go deep on governance.
1497
00:49:06,560 --> 00:49:08,720
Or you tune agents for specific domains.
1498
00:49:08,720 --> 00:49:10,520
But the entry point is totally different.
1499
00:49:10,520 --> 00:49:13,640
The challenge is that the training pipeline doesn't exist yet.
1500
00:49:13,640 --> 00:49:15,760
Schools aren't teaching agent governance.
1501
00:49:15,760 --> 00:49:18,040
Boot camps aren't covering agent defense.
1502
00:49:18,040 --> 00:49:20,800
Most organizations are figuring this out in real time.
1503
00:49:20,800 --> 00:49:23,200
That's a gap, but it's also an opportunity.
1504
00:49:23,200 --> 00:49:25,040
The teams that build these training programs now
1505
00:49:25,040 --> 00:49:26,480
will have a massive advantage.
1506
00:49:26,480 --> 00:49:28,520
They aren't waiting for the industry to catch up.
1507
00:49:28,520 --> 00:49:30,400
They're building the workforce they need today.
1508
00:49:30,400 --> 00:49:33,400
Cost-benefit reality when agents reduce costs.
1509
00:49:33,400 --> 00:49:36,000
There is a conversation happening in most organizations right now.
1510
00:49:36,000 --> 00:49:37,360
It sounds like this.
1511
00:49:37,360 --> 00:49:38,880
Agents are expensive.
1512
00:49:38,880 --> 00:49:40,960
Look at these security compute unit bills.
1513
00:49:40,960 --> 00:49:43,280
We aren't sure we can justify the spend.
1514
00:49:43,280 --> 00:49:45,000
The premise contains a hidden assumption.
1515
00:49:45,000 --> 00:49:46,120
That assumption is wrong.
1516
00:49:46,120 --> 00:49:47,760
Security compute units cost money.
1517
00:49:47,760 --> 00:49:48,440
That is a fact.
1518
00:49:48,440 --> 00:49:51,720
You are renting compute capacity from Microsoft to run your agents.
1519
00:49:51,720 --> 00:49:54,560
And when those agents query data or validate findings,
1520
00:49:54,560 --> 00:49:56,040
they consume SCUs.
1521
00:49:56,040 --> 00:49:58,600
The pricing is transparent at roughly $4 per hour,
1522
00:49:58,600 --> 00:50:01,440
but if you provision four SCUs constantly for a month,
1523
00:50:01,440 --> 00:50:03,360
you are looking at a $3,000 bill.
1524
00:50:03,360 --> 00:50:04,520
That number stings.
1525
00:50:04,520 --> 00:50:06,240
It gets flagged in budget reviews.
1526
00:50:06,240 --> 00:50:07,480
It makes people pause.
1527
00:50:07,480 --> 00:50:10,640
But what doesn't get flagged is the cost the agent is replacing.
1528
00:50:10,640 --> 00:50:15,080
A fully loaded analyst, including salary, benefits, and tools,
1529
00:50:15,080 --> 00:50:21,040
costs an organization between $80,000 and $150,000 every year.
1530
00:50:21,040 --> 00:50:23,520
The real question isn't whether the compute bill is high.
1531
00:50:23,520 --> 00:50:25,360
It's whether the agent is more or less expensive
1532
00:50:25,360 --> 00:50:26,880
than the person it replaces.
1533
00:50:26,880 --> 00:50:29,880
Look at the phishing triage agent at St. Luke's Health Network.
1534
00:50:29,880 --> 00:50:33,600
It saves 200 hours per month, which is about 10 analyst weeks of work.
1535
00:50:33,600 --> 00:50:36,600
And if you value an analyst at a conservative $30 per hour,
1536
00:50:36,600 --> 00:50:38,960
that is $6,000 in monthly labor.
1537
00:50:38,960 --> 00:50:42,080
That adds up to $72,000 annually in freed-up time.
1538
00:50:42,080 --> 00:50:43,720
Now, subtract the compute cost.
1539
00:50:43,720 --> 00:50:47,000
Even if a dedicated agent runs four SCUs around the clock,
1540
00:50:47,000 --> 00:50:50,840
you are trading $3,000 in compute for $6,000 in labor.
1541
00:50:50,840 --> 00:50:52,160
The math isn't even close.
1542
00:50:52,160 --> 00:50:55,200
Alert triage agents take this logic even further.
1543
00:50:55,200 --> 00:50:57,680
Phishing is a bounded workflow, but alert triage applies
1544
00:50:57,680 --> 00:51:00,840
to everything from EDR to cloud monitoring and identity systems.
1545
00:51:00,840 --> 00:51:03,680
When an agent handles 80% of routine triage,
1546
00:51:03,680 --> 00:51:05,560
you aren't just helping one person.
1547
00:51:05,560 --> 00:51:09,280
You are eliminating a massive portion of your entire tier one capacity.
1548
00:51:09,280 --> 00:51:11,440
The compute cost stays roughly the same.
1549
00:51:11,440 --> 00:51:12,840
The labor savings multiply.
1550
00:51:12,840 --> 00:51:15,160
Organizations implementing this are seeing a break even point
1551
00:51:15,160 --> 00:51:16,560
within three to six months.
1552
00:51:16,560 --> 00:51:18,280
That is a fast horizon for a new tool.
1553
00:51:18,280 --> 00:51:21,040
By month seven, the system is running entirely on savings,
1554
00:51:21,040 --> 00:51:23,080
and everything after that is pure margin.
1555
00:51:23,080 --> 00:51:26,000
But the financial model usually misses the biggest hidden cost.
1556
00:51:26,000 --> 00:51:27,240
Turnover.
1557
00:51:27,240 --> 00:51:30,680
71% of analysts report burnout, and 64% are thinking
1558
00:51:30,680 --> 00:51:32,440
about leaving security entirely.
1559
00:51:32,440 --> 00:51:34,440
Replacing an analyst costs between six months
1560
00:51:34,440 --> 00:51:36,160
and a year of their full salary when you factor
1561
00:51:36,160 --> 00:51:37,480
in recruiting and training.
1562
00:51:37,480 --> 00:51:40,120
When you remove the repetitive triage that burns people out,
1563
00:51:40,120 --> 00:51:41,480
you keep your talent longer.
1564
00:51:41,480 --> 00:51:45,000
That retention alone pays for the agents multiple times over.
1565
00:51:45,000 --> 00:51:46,000
There is a catch, though.
1566
00:51:46,000 --> 00:51:48,800
A cheap agent that hallucinates or operates outside its guardrails
1567
00:51:48,800 --> 00:51:50,560
is a liability, not a saver.
1568
00:51:50,560 --> 00:51:52,400
If the agent generates false positives
1569
00:51:52,400 --> 00:51:56,000
that analysts have to fix, you have just added more work to the pile.
1570
00:51:56,000 --> 00:51:59,120
The financial case only holds if the agent actually works.
1571
00:51:59,120 --> 00:52:01,560
The final piece is organizational readiness.
1572
00:52:01,560 --> 00:52:03,880
The math is solid, so the barrier isn't the numbers.
1573
00:52:03,880 --> 00:52:04,680
It's the culture.
1574
00:52:04,680 --> 00:52:07,680
It is about retraining analysts to oversee agents
1575
00:52:07,680 --> 00:52:09,560
rather than just clicking through alerts.
1576
00:52:09,560 --> 00:52:12,000
The economics stay the same, but the readiness to capture
1577
00:52:12,000 --> 00:52:14,760
those savings varies from one team to the next.
1578
00:52:14,760 --> 00:52:18,080
The trust problem, building confidence in autonomous systems.
1579
00:52:18,080 --> 00:52:20,040
The skepticism is legitimate.
1580
00:52:20,040 --> 00:52:23,400
An analyst sits down in front of an autonomous agent and thinks,
1581
00:52:23,400 --> 00:52:26,120
this thing is going to miss something critical.
1582
00:52:26,120 --> 00:52:27,720
They worry about being blamed for a breach
1583
00:52:27,720 --> 00:52:29,160
because they trusted a machine.
1584
00:52:29,160 --> 00:52:30,080
That isn't paranoia.
1585
00:52:30,080 --> 00:52:31,440
It's risk awareness.
1586
00:52:31,440 --> 00:52:34,720
It is the same instinct that makes us cautious about any system
1587
00:52:34,720 --> 00:52:37,880
that removes human judgment from high-stakes decisions.
1588
00:52:37,880 --> 00:52:40,400
Analysts don't care if agents are accurate in aggregate.
1589
00:52:40,400 --> 00:52:42,680
They care if the agent misses the specific thing
1590
00:52:42,680 --> 00:52:44,080
that blows up the company.
1591
00:52:44,080 --> 00:52:46,480
And the honest answer is agents will miss things,
1592
00:52:46,480 --> 00:52:47,520
so will humans.
1593
00:52:47,520 --> 00:52:50,000
The real question is whether the miss rate is acceptable
1594
00:52:50,000 --> 00:52:52,040
and if the system is designed to catch those misses
1595
00:52:52,040 --> 00:52:52,920
when they happen.
1596
00:52:52,920 --> 00:52:54,600
Think about what makes a miss visible.
1597
00:52:54,600 --> 00:52:56,320
An agent closes an alert as benign,
1598
00:52:56,320 --> 00:52:58,600
but later that alert turns out to be malicious
1599
00:52:58,600 --> 00:53:00,080
and the organization gets hit.
1600
00:53:00,080 --> 00:53:01,480
The agent didn't create that risk.
1601
00:53:01,480 --> 00:53:02,880
It just failed to prevent it.
1602
00:53:02,880 --> 00:53:05,640
A human doing manual triage would likely have missed it too.
1603
00:53:05,640 --> 00:53:07,320
The advantage the agent has is volume.
1604
00:53:07,320 --> 00:53:09,120
The agent evaluated 10,000 alerts
1605
00:53:09,120 --> 00:53:11,160
while the human only looked at 100.
1606
00:53:11,160 --> 00:53:13,160
The agent's miss was hiding in 10,000.
1607
00:53:13,160 --> 00:53:15,080
The human's miss was hiding in 100.
1608
00:53:15,080 --> 00:53:16,040
The odds matter.
1609
00:53:16,040 --> 00:53:17,720
But trust isn't built on aggregate odds.
1610
00:53:17,720 --> 00:53:18,920
It is built on transparency.
1611
00:53:18,920 --> 00:53:20,240
You need to see what the agent did
1612
00:53:20,240 --> 00:53:21,680
and why it made that specific choice.
1613
00:53:21,680 --> 00:53:23,520
An agent that explains it flagged a URL
1614
00:53:23,520 --> 00:53:24,640
because of malware signatures
1615
00:53:24,640 --> 00:53:27,040
and a new domain registration is a transparent agent,
1616
00:53:27,040 --> 00:53:28,400
you can see the reasoning.
1617
00:53:28,400 --> 00:53:30,000
You can disagree with the weighting.
1618
00:53:30,000 --> 00:53:31,120
You can provide feedback.
1619
00:53:31,120 --> 00:53:32,480
The logic is auditable.
1620
00:53:32,480 --> 00:53:36,080
This is why activity logs are the foundation of trust.
1621
00:53:36,080 --> 00:53:38,080
They aren't just compliance documents.
1622
00:53:38,080 --> 00:53:41,560
A tier one analyst who walks through an agent's decision-making process
1623
00:53:41,560 --> 00:53:44,280
gains confidence by understanding how the system thinks.
1624
00:53:44,280 --> 00:53:45,880
Does it make the same mistakes humans make?
1625
00:53:45,880 --> 00:53:47,400
Does it miss the same edge cases?
1626
00:53:47,400 --> 00:53:50,560
Understanding that pattern is how you build a relationship with the system.
1627
00:53:50,560 --> 00:53:53,480
Microsoft's phishing triage agent improved verdict accuracy
1628
00:53:53,480 --> 00:53:55,840
by 77% compared to the baseline.
1629
00:53:55,840 --> 00:53:57,160
That is a massive jump.
1630
00:53:57,160 --> 00:53:59,560
It shows a system learning the patterns of malicious email
1631
00:53:59,560 --> 00:54:00,800
better than people can.
1632
00:54:00,800 --> 00:54:02,880
But that statistic doesn't create trust.
1633
00:54:02,880 --> 00:54:05,000
Demonstrated performance does.
1634
00:54:05,000 --> 00:54:07,920
An organization deploys the agent and watches what it does.
1635
00:54:07,920 --> 00:54:09,440
They override the wrong verdicts
1636
00:54:09,440 --> 00:54:11,120
and see how the agent adjusts.
1637
00:54:11,120 --> 00:54:13,080
Month by month, the override rate drops.
1638
00:54:13,080 --> 00:54:14,760
Seeing the agent improve in real time
1639
00:54:14,760 --> 00:54:17,400
builds trust faster than any benchmark ever could.
1640
00:54:17,400 --> 00:54:19,000
False negatives are a reality.
1641
00:54:19,000 --> 00:54:20,600
The agent will miss malicious emails
1642
00:54:20,600 --> 00:54:22,880
and it will fail to flag some EDR alerts.
1643
00:54:22,880 --> 00:54:24,680
But false positives are also real
1644
00:54:24,680 --> 00:54:26,640
and they create their own kind of blindness.
1645
00:54:26,640 --> 00:54:28,080
When everything is flagged as dangerous,
1646
00:54:28,080 --> 00:54:30,000
nothing gets a real investigation.
1647
00:54:30,000 --> 00:54:31,560
The signal to noise ratio gets so bad
1648
00:54:31,560 --> 00:54:33,120
that the human might as well be guessing.
1649
00:54:33,120 --> 00:54:34,920
An agent that misses one in 10,000 threats
1650
00:54:34,920 --> 00:54:37,480
but stops 10,000 false positives is more trustworthy
1651
00:54:37,480 --> 00:54:39,440
because the signal actually matters.
1652
00:54:39,440 --> 00:54:40,640
Trust is built through pilots.
1653
00:54:40,640 --> 00:54:41,840
You don't turn on full autonomy
1654
00:54:41,840 --> 00:54:43,720
across the entire queue on day one.
1655
00:54:43,720 --> 00:54:45,560
You start with the lowest risk subset,
1656
00:54:45,560 --> 00:54:47,360
like phishing from known internal senders
1657
00:54:47,360 --> 00:54:49,720
or alerts from non-critical dev devices.
1658
00:54:49,720 --> 00:54:52,320
You watch, you measure, you collect override patterns.
1659
00:54:52,320 --> 00:54:53,760
Once the override rate stabilizes,
1660
00:54:53,760 --> 00:54:55,480
you expand to higher risk cases.
1661
00:54:55,480 --> 00:54:57,800
You aren't betting the company on the agent's judgment.
1662
00:54:57,800 --> 00:54:59,320
You are gradually increasing the stakes
1663
00:54:59,320 --> 00:55:00,760
as the data proves it works.
1664
00:55:00,760 --> 00:55:02,840
The psychological shift is what matters most.
1665
00:55:02,840 --> 00:55:04,880
An analyst starts by supervising the agent
1666
00:55:04,880 --> 00:55:06,760
and auditing every single decision.
1667
00:55:06,760 --> 00:55:09,120
Over time, they transition into a different stance.
1668
00:55:09,120 --> 00:55:10,960
The agent isn't a tool they are checking.
1669
00:55:10,960 --> 00:55:12,480
It's a system they are overseeing.
1670
00:55:12,480 --> 00:55:14,600
The question changes from, is this right?
1671
00:55:14,600 --> 00:55:16,640
To is the system operating as intended?
1672
00:55:16,640 --> 00:55:18,200
That shift is what enables autonomy
1673
00:55:18,200 --> 00:55:20,560
not because the analyst trusts the agent blindly,
1674
00:55:20,560 --> 00:55:23,520
but because the evidence shows the reasoning actually works.
1675
00:55:23,520 --> 00:55:26,680
Agentic defense versus traditional SOC automation.
1676
00:55:26,680 --> 00:55:28,920
Security operations are already full of automation.
1677
00:55:28,920 --> 00:55:30,800
Most enterprises have SOAR platforms.
1678
00:55:30,800 --> 00:55:32,400
They have rule-based playbooks.
1679
00:55:32,400 --> 00:55:33,840
They have workflows that trigger
1680
00:55:33,840 --> 00:55:35,560
when specific conditions are met.
1681
00:55:35,560 --> 00:55:38,360
You might think agentic defense is just the next version of that.
1682
00:55:38,360 --> 00:55:40,160
In some ways, it is.
1683
00:55:40,160 --> 00:55:41,120
But in reality,
1684
00:55:41,120 --> 00:55:43,600
it operates on a completely different model.
1685
00:55:43,600 --> 00:55:44,760
SOAR is procedural.
1686
00:55:44,760 --> 00:55:46,040
It follows a script.
1687
00:55:46,040 --> 00:55:48,760
If an alert type equals x, then run playbook y.
1688
00:55:48,760 --> 00:55:50,440
A suspicious process is detected.
1689
00:55:50,440 --> 00:55:52,040
The playbook pulls file hashes.
1690
00:55:52,040 --> 00:55:53,400
It checks the parent process.
1691
00:55:53,400 --> 00:55:55,920
It isolates the endpoint if the rules say so.
1692
00:55:55,920 --> 00:55:57,240
The playbook is a sequence.
1693
00:55:57,240 --> 00:55:58,960
Step A leads to step B.
1694
00:55:58,960 --> 00:56:01,000
But the moment something unexpected happens.
1695
00:56:01,000 --> 00:56:02,000
The model breaks.
1696
00:56:02,000 --> 00:56:03,360
Maybe the data format changed.
1697
00:56:03,360 --> 00:56:04,880
Maybe the situation requires judgment
1698
00:56:04,880 --> 00:56:06,280
that wasn't coded into the script.
1699
00:56:06,280 --> 00:56:07,360
The automation stops.
1700
00:56:07,360 --> 00:56:08,680
It escalates to a human.
1701
00:56:08,680 --> 00:56:10,720
The system was too rigid for the real world.
1702
00:56:10,720 --> 00:56:12,400
Agentic defense is declarative.
1703
00:56:12,400 --> 00:56:13,440
You don't give it a script.
1704
00:56:13,440 --> 00:56:14,840
You give it an objective.
1705
00:56:14,840 --> 00:56:15,960
Investigate this alert.
1706
00:56:15,960 --> 00:56:17,200
Determine if it's malicious.
1707
00:56:17,200 --> 00:56:19,160
Recommend how to contain it.
1708
00:56:19,160 --> 00:56:21,160
The agent figures out the how.
1709
00:56:21,160 --> 00:56:22,640
It isn't locked into a sequence.
1710
00:56:22,640 --> 00:56:23,560
It's pursuing a goal.
1711
00:56:23,560 --> 00:56:25,640
If it finds unexpected data, it reasons about it.
1712
00:56:25,640 --> 00:56:27,000
If it discovers new context,
1713
00:56:27,000 --> 00:56:28,360
it changes its assessment.
1714
00:56:28,360 --> 00:56:30,400
The agent doesn't break when reality shifts.
1715
00:56:30,400 --> 00:56:31,520
It adapts to the gap.
1716
00:56:31,520 --> 00:56:33,440
This has a massive practical consequence.
1717
00:56:33,440 --> 00:56:35,280
SOAR only covers what you built it for.
1718
00:56:35,280 --> 00:56:37,800
You built 50 playbooks for your most common alerts.
1719
00:56:37,800 --> 00:56:39,160
But then the environment changes.
1720
00:56:39,160 --> 00:56:40,160
New apps deploy.
1721
00:56:40,160 --> 00:56:41,480
New attack patterns emerge.
1722
00:56:41,480 --> 00:56:43,280
Cloud configurations get messy.
1723
00:56:43,280 --> 00:56:45,880
Your 50 playbooks still handle the 60% of alerts
1724
00:56:45,880 --> 00:56:47,040
they were designed for.
1725
00:56:47,040 --> 00:56:48,400
But 60% isn't scale.
1726
00:56:48,400 --> 00:56:51,680
It means 40% of your threats are escaping automation entirely.
1727
00:56:51,680 --> 00:56:53,240
Agentic systems don't hit that wall.
1728
00:56:53,240 --> 00:56:55,080
They aren't built for specific cases.
1729
00:56:55,080 --> 00:56:56,360
They are built to reason.
1730
00:56:56,360 --> 00:56:58,520
New situations don't need new playbooks
1731
00:56:58,520 --> 00:56:59,720
because the agent learns.
1732
00:56:59,720 --> 00:57:01,240
Then there's the maintenance burden.
1733
00:57:01,240 --> 00:57:03,880
In a traditional SOC, someone has to edit the playbooks.
1734
00:57:03,880 --> 00:57:05,400
New data sources come online.
1735
00:57:05,400 --> 00:57:06,720
Response policies change.
1736
00:57:06,720 --> 00:57:08,960
Every small adjustment requires a code change.
1737
00:57:08,960 --> 00:57:09,880
It needs testing.
1738
00:57:09,880 --> 00:57:10,800
It needs approval.
1739
00:57:10,800 --> 00:57:13,200
In large organizations, this becomes a bottleneck.
1740
00:57:13,200 --> 00:57:14,760
Playbooks start to drift.
1741
00:57:14,760 --> 00:57:15,760
They aren't updated.
1742
00:57:15,760 --> 00:57:17,240
They fail silently.
1743
00:57:17,240 --> 00:57:19,840
You're running outdated logic against modern threats.
1744
00:57:19,840 --> 00:57:21,440
Agentic systems don't work like that.
1745
00:57:21,440 --> 00:57:23,600
They use feedback loops to adjust behavior.
1746
00:57:23,600 --> 00:57:25,600
You don't need a developer to update the logic.
1747
00:57:25,600 --> 00:57:26,800
You just provide feedback.
1748
00:57:26,800 --> 00:57:27,960
The agent adjusts.
1749
00:57:27,960 --> 00:57:29,880
The performance gap is clear in the numbers.
1750
00:57:29,880 --> 00:57:32,000
Mature SOAR implementations usually improve
1751
00:57:32,000 --> 00:57:33,800
MTTR by 30 to 40%.
1752
00:57:33,800 --> 00:57:34,520
That's good.
1753
00:57:34,520 --> 00:57:37,880
But agentic defense is seeing reductions of 50 to 75%.
1754
00:57:37,880 --> 00:57:38,680
The gap is widening.
1755
00:57:38,680 --> 00:57:41,160
SOAR is optimizing a fixed set of procedures.
1756
00:57:41,160 --> 00:57:43,960
Agentic systems are optimizing the decision-making itself.
1757
00:57:43,960 --> 00:57:45,800
Most organizations won't switch overnight.
1758
00:57:45,800 --> 00:57:47,080
They run a hybrid model.
1759
00:57:47,080 --> 00:57:48,760
SOAR handles the routine stuff.
1760
00:57:48,760 --> 00:57:49,920
Agents handle the rest.
1761
00:57:49,920 --> 00:57:52,520
Over time, the agents absorb more of the load.
1762
00:57:52,520 --> 00:57:54,360
The playbooks become a legacy system.
1763
00:57:54,360 --> 00:57:57,360
Eventually, you shed the procedural automation entirely.
1764
00:57:57,360 --> 00:57:59,680
Because in reality, procedural logic has limits.
1765
00:57:59,680 --> 00:58:01,920
Agentic systems move past them.
1766
00:58:01,920 --> 00:58:03,960
Dwell time as the true north metric.
1767
00:58:03,960 --> 00:58:06,400
There's a fundamental mismatch in how we measure security.
1768
00:58:06,400 --> 00:58:07,400
We talk about response.
1769
00:58:07,400 --> 00:58:09,760
We track MTTD, mean time to detect: how fast
1770
00:58:09,760 --> 00:58:10,920
did you spot the threat?
1771
00:58:10,920 --> 00:58:12,680
Most organizations obsess over this.
1772
00:58:12,680 --> 00:58:14,000
Two hours, 30 minutes.
1773
00:58:14,000 --> 00:58:15,920
It sounds impressive.
1774
00:58:15,920 --> 00:58:17,240
But it's the wrong metric.
1775
00:58:17,240 --> 00:58:18,520
Here's what's actually happening.
1776
00:58:18,520 --> 00:58:19,880
An attacker breaks in.
1777
00:58:19,880 --> 00:58:21,040
They move laterally.
1778
00:58:21,040 --> 00:58:22,560
They establish persistence.
1779
00:58:22,560 --> 00:58:23,720
Three days go by.
1780
00:58:23,720 --> 00:58:27,240
Finally, someone notices weird traffic and an alert fires.
1781
00:58:27,240 --> 00:58:28,680
You detect it.
1782
00:58:28,680 --> 00:58:31,760
MTTD: 72 hours.
1783
00:58:31,760 --> 00:58:33,680
But the attacker was already there for weeks
1784
00:58:33,680 --> 00:58:35,200
before that initial break-in.
1785
00:58:35,200 --> 00:58:37,720
The real question isn't how fast you saw the alert.
1786
00:58:37,720 --> 00:58:40,320
It's how long they operated before you even knew they existed.
1787
00:58:40,320 --> 00:58:41,280
That's dwell time.
1788
00:58:41,280 --> 00:58:43,720
Dwell time is what actually correlates with damage.
1789
00:58:43,720 --> 00:58:46,280
Every day an attacker is inside is a day they move deeper.
1790
00:58:46,280 --> 00:58:47,480
They compromise more accounts.
1791
00:58:47,480 --> 00:58:48,400
They find more data.
1792
00:58:48,400 --> 00:58:49,560
They build more back doors.
1793
00:58:49,560 --> 00:58:52,720
If dwell time is 90 days, they've had 90 days to finish the job.
1794
00:58:52,720 --> 00:58:54,520
If it's five days, they're limited.
1795
00:58:54,520 --> 00:58:55,760
The difference isn't just time.
1796
00:58:55,760 --> 00:58:58,160
It's the exponential scale of the disaster.
1797
00:58:58,160 --> 00:58:59,920
Organizations using agentic defense
1798
00:58:59,920 --> 00:59:02,760
are seeing dwell time drop by 40% to 60%.
1799
00:59:02,760 --> 00:59:04,320
That isn't just a speed improvement.
1800
00:59:04,320 --> 00:59:06,080
It's a compression of the attacker's window.
1801
00:59:06,080 --> 00:59:08,040
A 90-day window becomes 45.
1802
00:59:08,040 --> 00:59:10,760
That's the difference between losing your entire database
1803
00:59:10,760 --> 00:59:12,400
and catching them during reconnaissance.
1804
00:59:12,400 --> 00:59:13,400
The measurement is hard.
1805
00:59:13,400 --> 00:59:15,280
Dwell time requires forensics.
1806
00:59:15,280 --> 00:59:17,520
You have to find the exact moment of compromise.
1807
00:59:17,520 --> 00:59:19,600
Most organizations don't have the logs for that.
1808
00:59:19,600 --> 00:59:21,760
Data degrades by the time you're looking back.
1809
00:59:21,760 --> 00:59:22,920
The timeline is fuzzy.
1810
00:59:22,920 --> 00:59:24,840
You're making guesses.
1811
00:59:24,840 --> 00:59:26,760
But just because it's hard to measure,
1812
00:59:26,760 --> 00:59:27,880
doesn't mean it's not essential.
1813
00:59:27,880 --> 00:59:28,760
You need this number.
1814
00:59:28,760 --> 00:59:29,880
You need to track the trends.
1815
00:59:29,880 --> 00:59:32,680
You need to see if your investments, like agentic defense,
1816
00:59:32,680 --> 00:59:34,240
are actually moving the needle.
1817
00:59:34,240 --> 00:59:35,720
This requires a shift in thinking.
1818
00:59:35,720 --> 00:59:37,920
You aren't optimizing for alert speed anymore.
1819
00:59:37,920 --> 00:59:39,640
You're optimizing for investigation depth.
1820
00:59:39,640 --> 00:59:42,320
Humans can't scale detection across thousands of signals.
1821
00:59:42,320 --> 00:59:43,240
But an agent can.
1822
00:59:43,240 --> 00:59:46,040
It runs continuously across cloud logs, identity signals,
1823
00:59:46,040 --> 00:59:46,960
and network traffic.
1824
00:59:46,960 --> 00:59:48,840
It catches anomalies that would hide for weeks
1825
00:59:48,840 --> 00:59:49,960
from a human analyst.
1826
00:59:49,960 --> 00:59:53,080
And once it finds something, the investigation happens at speed.
1827
00:59:53,080 --> 00:59:55,400
An analyst might take three hours to correlate logs
1828
00:59:55,400 --> 00:59:56,320
and threat intel.
1829
00:59:56,320 --> 00:59:57,560
An agent does it in seconds.
1830
00:59:57,560 --> 00:59:58,880
The investigation accelerates.
1831
00:59:58,880 --> 01:00:00,280
Containment accelerates.
1832
01:00:00,280 --> 01:00:01,760
That's how you compress dwell time.
1833
01:00:01,760 --> 01:00:04,320
This makes agentic defense a risk management imperative.
1834
01:00:04,320 --> 01:00:06,200
It's not a nice-to-have for a mature SOC.
1835
01:00:06,200 --> 01:00:08,280
It's the foundation of whether you can stop a breach
1836
01:00:08,280 --> 01:00:09,920
before it causes real damage.
1837
01:00:09,920 --> 01:00:11,520
In a world of 90-day dwell times,
1838
01:00:11,520 --> 01:00:13,520
you're just waiting for a compliance violation,
1839
01:00:13,520 --> 01:00:14,440
or a total data loss.
1840
01:00:14,440 --> 01:00:16,680
The gap between traditional SOCs and agentic defense
1841
01:00:16,680 --> 01:00:17,480
is widening.
1842
01:00:17,480 --> 01:00:19,120
One catches attackers in months.
1843
01:00:19,120 --> 01:00:20,800
The other catches them in days.
1844
01:00:20,800 --> 01:00:23,720
That difference changes everything downstream: incident costs,
1845
01:00:23,720 --> 01:00:26,040
forensic costs, business impact.
1846
01:00:26,040 --> 01:00:28,920
The organizations that make dwell time their north star,
1847
01:00:28,920 --> 01:00:30,800
they emerge with a different risk profile.
1848
01:00:30,800 --> 01:00:32,040
They aren't just faster.
1849
01:00:32,040 --> 01:00:34,200
They are fundamentally more secure.
1850
01:00:34,200 --> 01:00:36,360
The threat landscape forcing the shift.
1851
01:00:36,360 --> 01:00:38,480
You can argue that agentic defense is optional.
1852
01:00:38,480 --> 01:00:40,320
You can say traditional SOCs are enough,
1853
01:00:40,320 --> 01:00:41,800
that the investment is premature,
1854
01:00:41,800 --> 01:00:43,200
or that the timing isn't right.
1855
01:00:43,200 --> 01:00:45,640
But those arguments fall apart the moment you look at the attack
1856
01:00:45,640 --> 01:00:46,240
side.
1857
01:00:46,240 --> 01:00:49,840
Adversaries are already using agentic AI. Not in the future.
1858
01:00:49,840 --> 01:00:51,360
Now. They use it for reconnaissance.
1859
01:00:51,360 --> 01:00:53,160
They use it to find lateral movement paths.
1860
01:00:53,160 --> 01:00:55,200
They use it for exploitation and evasion.
1861
01:00:55,200 --> 01:00:57,360
These tools are compressing attack life cycles
1862
01:00:57,360 --> 01:01:00,600
in ways that traditional defense simply cannot match.
1863
01:01:01,280 --> 01:01:02,960
Research from Palo Alto Networks shows
1864
01:01:02,960 --> 01:01:06,320
that agentic AI can speed up an attack by 100 times.
1865
01:01:06,320 --> 01:01:08,600
What used to take a month now takes three days.
1866
01:01:08,600 --> 01:01:10,600
What took three days now takes three hours.
1867
01:01:10,600 --> 01:01:11,600
That isn't hyperbole.
1868
01:01:11,600 --> 01:01:13,800
It's the reality of a machine automating
1869
01:01:13,800 --> 01:01:15,360
the thinking parts of an assault.
1870
01:01:15,360 --> 01:01:16,840
Think about the operational impact.
1871
01:01:16,840 --> 01:01:18,640
An attacker gets into your environment.
1872
01:01:18,640 --> 01:01:20,560
In the old model, they might spend a week mapping
1873
01:01:20,560 --> 01:01:22,320
your network and finding targets.
1874
01:01:22,320 --> 01:01:24,160
An agentic system does that in a few hours.
1875
01:01:24,160 --> 01:01:25,760
It isn't doing anything a human couldn't do.
1876
01:01:25,760 --> 01:01:28,000
It's just doing it across thousands of data points at once.
1877
01:01:28,000 --> 01:01:29,240
The machine doesn't sleep.
1878
01:01:29,240 --> 01:01:30,640
It doesn't have bandwidth limits.
1879
01:01:30,640 --> 01:01:32,680
A single attacker with these tools now has the power
1880
01:01:32,680 --> 01:01:34,080
of a 10-person team.
1881
01:01:34,080 --> 01:01:36,240
The implication for your defense is unavoidable.
1882
01:01:36,240 --> 01:01:38,720
If your detection and investigation run at human speed,
1883
01:01:38,720 --> 01:01:40,320
you are being outpaced by machines.
1884
01:01:40,320 --> 01:01:42,800
A traditional SOC catches things when they slow down
1885
01:01:42,800 --> 01:01:44,600
or when a mistake becomes visible.
1886
01:01:44,600 --> 01:01:46,480
But an agentic attacker doesn't slow down
1887
01:01:46,480 --> 01:01:48,280
and they are trained to stay invisible.
1888
01:01:48,280 --> 01:01:50,320
Your team is playing catch-up against an opponent
1889
01:01:50,320 --> 01:01:52,760
moving 10 times faster than they are.
1890
01:01:52,760 --> 01:01:54,560
But the shift isn't just about faster attackers.
1891
01:01:54,560 --> 01:01:56,240
It's about the scale explosion.
1892
01:01:56,240 --> 01:01:58,320
Cloud-native environments generate 10 times
1893
01:01:58,320 --> 01:02:00,640
more security signals than old data centers.
1894
01:02:00,640 --> 01:02:02,360
Containers spin up and down constantly.
1895
01:02:02,360 --> 01:02:04,800
Services scale, logs multiply.
1896
01:02:04,800 --> 01:02:07,880
A traditional SOC might handle thousands of alerts a day.
1897
01:02:07,880 --> 01:02:10,600
But a cloud-native company sees hundreds of thousands.
1898
01:02:10,600 --> 01:02:12,400
No human team can triage that volume.
1899
01:02:12,400 --> 01:02:15,000
The only way to scale is through agent-driven triage.
1900
01:02:15,000 --> 01:02:16,160
And once you move to agents,
1901
01:02:16,160 --> 01:02:18,560
the entire architecture of your defense changes.
1902
01:02:18,560 --> 01:02:20,360
Then you have to add complexity.
1903
01:02:20,360 --> 01:02:21,880
Multi-cloud is the standard.
1904
01:02:21,880 --> 01:02:23,520
Hybrid cloud is permanent.
1905
01:02:23,520 --> 01:02:26,160
You have applications running across Kubernetes clusters
1906
01:02:26,160 --> 01:02:28,520
and serverless functions executing in parallel.
1907
01:02:28,520 --> 01:02:30,120
The attack surface is much more complex
1908
01:02:30,120 --> 01:02:32,280
than the isolated data centers we used to protect.
1909
01:02:32,280 --> 01:02:33,920
No human can track all of that at once.
1910
01:02:33,920 --> 01:02:36,120
No static playbook can cover that much ground.
1911
01:02:36,120 --> 01:02:38,840
The only architecture that works is one where agents reason
1912
01:02:38,840 --> 01:02:41,400
about context and adapt to new situations.
1913
01:02:41,400 --> 01:02:44,400
Regulatory pressure adds the final layer of urgency.
1914
01:02:44,400 --> 01:02:47,640
NIS2 in Europe now demands continuous security assurance.
1915
01:02:47,640 --> 01:02:50,720
DORA mandates specific timeframes for incident response.
1916
01:02:50,720 --> 01:02:54,000
You can no longer just say you detected a breach eventually.
1917
01:02:54,000 --> 01:02:55,760
You have to prove your controls are monitored
1918
01:02:55,760 --> 01:02:57,880
and that incidents are handled within tight windows.
1919
01:02:57,880 --> 01:03:00,200
A traditional SOC struggles to prove this.
1920
01:03:00,200 --> 01:03:02,440
An agentic system creates the exact audit trail
1921
01:03:02,440 --> 01:03:03,920
that regulators are looking for.
1922
01:03:03,920 --> 01:03:05,080
The conclusion is clear.
1923
01:03:05,080 --> 01:03:06,880
Agentic defense isn't a luxury.
1924
01:03:06,880 --> 01:03:08,000
It's table stakes.
1925
01:03:08,000 --> 01:03:10,920
Organizations stuck in the old SOC model aren't just slower.
1926
01:03:10,920 --> 01:03:12,320
They are operationally blind.
1927
01:03:12,320 --> 01:03:14,440
They can't see threats operating at scale.
1928
01:03:14,440 --> 01:03:16,120
They can't investigate fast enough.
1929
01:03:16,120 --> 01:03:17,840
The gap between the old way and the new way
1930
01:03:17,840 --> 01:03:19,720
is widening every single month.
1931
01:03:19,720 --> 01:03:22,320
Moving to agentic defense isn't about being an innovator.
1932
01:03:22,320 --> 01:03:24,680
It's about reaching the minimum level of safety required
1933
01:03:24,680 --> 01:03:26,040
to survive.
1934
01:03:26,040 --> 01:03:29,040
Implementation reality: the messy path forward.
1935
01:03:29,040 --> 01:03:32,120
No organization flips a switch and runs on agentic defense
1936
01:03:32,120 --> 01:03:32,640
tomorrow.
1937
01:03:32,640 --> 01:03:34,080
The people selling you that vision are
1938
01:03:34,080 --> 01:03:35,600
describing a theoretical future.
1939
01:03:35,600 --> 01:03:36,720
Not a practical reality.
1940
01:03:36,720 --> 01:03:37,840
The transition is phased.
1941
01:03:37,840 --> 01:03:38,480
It's messy.
1942
01:03:38,480 --> 01:03:41,000
It requires parallel systems and a lot of patience.
1943
01:03:41,000 --> 01:03:43,360
Accepting this messiness isn't being cynical.
1944
01:03:43,360 --> 01:03:44,240
It's being a realist.
1945
01:03:44,240 --> 01:03:47,480
Unrealistic timelines are what kill these projects.
1946
01:03:47,480 --> 01:03:49,320
The first phase is about assistive agents
1947
01:03:49,320 --> 01:03:50,600
on low-risk workflows.
1948
01:03:50,600 --> 01:03:52,240
This is the right place to start.
1949
01:03:52,240 --> 01:03:53,840
You deploy a phishing triage agent
1950
01:03:53,840 --> 01:03:55,200
that suggests a verdict.
1951
01:03:55,200 --> 01:03:56,360
Analysts review the work.
1952
01:03:56,360 --> 01:03:57,800
There is no autonomy yet.
1953
01:03:57,800 --> 01:04:00,000
Just better information delivered faster.
1954
01:04:00,000 --> 01:04:01,800
The impact is immediate because analysts
1955
01:04:01,800 --> 01:04:04,200
see the agent's reasoning alongside their own.
1956
01:04:04,200 --> 01:04:06,040
They start to learn how the agent thinks.
1957
01:04:06,040 --> 01:04:07,400
They override it when it's wrong.
1958
01:04:07,400 --> 01:04:08,480
That feedback is gold.
1959
01:04:08,480 --> 01:04:10,520
You are collecting training data at zero risk
1960
01:04:10,520 --> 01:04:12,280
because a human is always in the loop.
1961
01:04:12,280 --> 01:04:15,040
You can usually move through this phase in about three or four months.
1962
01:04:15,040 --> 01:04:17,000
The second phase expands the roster of agents.
1963
01:04:17,000 --> 01:04:18,800
You keep the same human-in-the-loop structure
1964
01:04:18,800 --> 01:04:20,320
but apply it to more areas.
1965
01:04:20,320 --> 01:04:22,000
You bring in agents for EDR alerts,
1966
01:04:22,000 --> 01:04:24,320
cloud configurations and identity anomalies.
1967
01:04:24,320 --> 01:04:26,200
You still aren't automating actions yet.
1968
01:04:26,200 --> 01:04:28,040
You're augmenting human judgment at scale.
1969
01:04:28,040 --> 01:04:30,600
This is where you start to see patterns in the overrides.
1970
01:04:30,600 --> 01:04:33,320
You see which alerts the analysts disagree with most.
1971
01:04:33,320 --> 01:04:35,760
You see which false positives are the most common.
1972
01:04:35,760 --> 01:04:37,600
This data tells you how to tune the agents
1973
01:04:37,600 --> 01:04:39,560
before you give them more power.
1974
01:04:39,560 --> 01:04:41,880
This phase typically lasts four to six months.
1975
01:04:41,880 --> 01:04:44,400
Phase three is where the real transformation happens.
1976
01:04:44,400 --> 01:04:47,280
Semi-autonomous agents start executing low-risk actions
1977
01:04:47,280 --> 01:04:48,560
without waiting for a click.
1978
01:04:48,560 --> 01:04:50,600
The phishing agent closes benign emails.
1979
01:04:50,600 --> 01:04:53,200
The identity agent applies a temporary block.
1980
01:04:53,200 --> 01:04:55,160
The EDR agent isolates a development system
1981
01:04:55,160 --> 01:04:56,240
that isn't mission-critical.
1982
01:04:56,240 --> 01:04:58,320
These are reversible, low-consequence actions.
1983
01:04:58,320 --> 01:04:59,920
Everything else still goes to a human.
1984
01:04:59,920 --> 01:05:02,480
This is where the productivity gains actually show up.
1985
01:05:02,480 --> 01:05:03,720
But this is also where governance
1986
01:05:03,720 --> 01:05:05,920
becomes the most important part of the job.
1987
01:05:05,920 --> 01:05:08,520
You have to define exactly what low-risk means.
1988
01:05:08,520 --> 01:05:11,040
You have to audit the agents' behavior against those rules.
1989
01:05:11,040 --> 01:05:13,120
This phase takes four to eight months
1990
01:05:13,120 --> 01:05:15,560
because you are learning how to govern autonomous systems
1991
01:05:15,560 --> 01:05:16,480
in real time.
1992
01:05:16,480 --> 01:05:19,400
The biggest mistakes happen when people try to skip these phases.
1993
01:05:19,400 --> 01:05:20,720
An organization gets excited
1994
01:05:20,720 --> 01:05:22,880
and wants to go fully autonomous on day one.
1995
01:05:22,880 --> 01:05:24,840
They think the bottleneck is the technology.
1996
01:05:24,840 --> 01:05:26,680
But it's actually organizational readiness.
1997
01:05:26,680 --> 01:05:29,040
They start phase three without doing the work in phase one.
1998
01:05:29,040 --> 01:05:31,360
They turn on high-autonomy agents for critical systems.
1999
01:05:31,360 --> 01:05:32,440
The agent makes a mistake.
2000
01:05:32,440 --> 01:05:35,200
It shuts down a production server or misses a critical alert.
2001
01:05:35,200 --> 01:05:37,360
Now the team is fighting a fire instead of learning.
2002
01:05:37,360 --> 01:05:38,200
Then they lose confidence.
2003
01:05:38,200 --> 01:05:39,200
They roll back the project.
2004
01:05:39,200 --> 01:05:40,840
They might not try again for years.
2005
01:05:40,840 --> 01:05:42,440
That isn't a failure of the AI.
2006
01:05:42,440 --> 01:05:44,400
It's a failure of the roll-out strategy.
2007
01:05:44,400 --> 01:05:46,440
Another mistake is ignoring data quality.
2008
01:05:46,440 --> 01:05:48,960
Agents are only as good as the data they can see.
2009
01:05:48,960 --> 01:05:52,040
If your logging is incomplete or your threat feeds are stale,
2010
01:05:52,040 --> 01:05:53,840
the agent inherits those flaws.
2011
01:05:53,840 --> 01:05:56,000
If you deploy a phishing agent behind a legacy gateway
2012
01:05:56,000 --> 01:05:58,600
that rewrites headers, the agent becomes unreliable.
2013
01:05:58,600 --> 01:06:00,040
You end up blaming the technology
2014
01:06:00,040 --> 01:06:02,160
when the real problem was your data infrastructure.
2015
01:06:02,160 --> 01:06:05,000
That mistake costs months of progress and destroys trust.
2016
01:06:05,000 --> 01:06:07,520
The third mistake is skipping the governance framework.
2017
01:06:07,520 --> 01:06:09,000
Agents need their own identities.
2018
01:06:09,000 --> 01:06:11,280
They need specific permissions and clear audit trails.
2019
01:06:11,280 --> 01:06:13,440
Building that infrastructure isn't exciting.
2020
01:06:13,440 --> 01:06:15,720
And nobody gets promoted for setting up agent logs.
2021
01:06:15,720 --> 01:06:18,600
So organizations skip it. They deploy agents that run blind.
2022
01:06:18,600 --> 01:06:21,120
Nobody knows exactly what the agent did or why it did it.
2023
01:06:21,120 --> 01:06:23,640
The moment you have to explain a decision to a regulator,
2024
01:06:23,640 --> 01:06:24,600
you are in trouble.
2025
01:06:24,600 --> 01:06:26,880
That backwards approach eventually breaks everything.
2026
01:06:26,880 --> 01:06:29,480
A realistic timeline to move through all three phases
2027
01:06:29,480 --> 01:06:30,960
is 12 to 18 months.
2028
01:06:30,960 --> 01:06:32,280
That isn't a bug in the system.
2029
01:06:32,280 --> 01:06:33,160
It's the right speed.
2030
01:06:33,160 --> 01:06:35,280
It gives your organization time to build confidence.
2031
01:06:35,280 --> 01:06:38,480
It gives your analysts time to learn how to supervise agents
2032
01:06:38,480 --> 01:06:40,400
instead of just clicking on alerts.
2033
01:06:40,400 --> 01:06:42,200
It gives your governance rules time to settle
2034
01:06:42,200 --> 01:06:43,880
before the agents have real power.
2035
01:06:43,880 --> 01:06:46,760
The teams that move faster usually burn out by cutting corners.
2036
01:06:46,760 --> 01:06:48,040
The teams that move slower
2037
01:06:48,040 --> 01:06:49,320
never see the benefits.
2038
01:06:49,320 --> 01:06:51,560
12 to 18 months is the window for success.
2039
01:06:51,560 --> 01:06:52,480
The future state:
2040
01:06:52,480 --> 01:06:54,360
agentic fabric as operating model.
2041
01:06:54,360 --> 01:06:56,840
Five years from now, running a SOC without agents
2042
01:06:56,840 --> 01:06:59,120
will feel like running a data center without a CM.
2043
01:06:59,120 --> 01:07:00,560
It's technically possible.
2044
01:07:00,560 --> 01:07:02,000
But it's practically absurd.
2045
01:07:02,000 --> 01:07:03,720
The infrastructure is evolving so fast
2046
01:07:03,720 --> 01:07:05,720
that going back to human-driven alert processing
2047
01:07:05,720 --> 01:07:06,800
will be unthinkable.
2048
01:07:06,800 --> 01:07:08,600
But this future isn't about having more agents
2049
01:07:08,600 --> 01:07:09,640
or even faster ones.
2050
01:07:09,640 --> 01:07:11,000
It's about the model behind them.
2051
01:07:11,000 --> 01:07:12,640
It's about how they coordinate, learn,
2052
01:07:12,640 --> 01:07:15,440
and operate as a unified fabric under human governance.
2053
01:07:15,440 --> 01:07:17,200
The shift is complete when agents stop
2054
01:07:17,200 --> 01:07:19,960
being isolated tools and start being network layers.
2055
01:07:19,960 --> 01:07:22,240
Think about a phishing agent detecting malicious content
2056
01:07:22,240 --> 01:07:22,960
in an email.
2057
01:07:22,960 --> 01:07:24,920
In the old model, it just closes a ticket.
2058
01:07:24,920 --> 01:07:26,640
In the new model, it reports those findings
2059
01:07:26,640 --> 01:07:29,400
to an identity agent monitoring the sender's domain.
2060
01:07:29,400 --> 01:07:31,600
That identity agent then adjusts risk scores
2061
01:07:31,600 --> 01:07:33,480
for every future login from that domain.
2062
01:07:33,480 --> 01:07:36,600
At the same time, an EDR agent connects that phishing hit
2063
01:07:36,600 --> 01:07:39,320
to suspicious files on the endpoints that open the mail.
2064
01:07:39,320 --> 01:07:41,680
The endpoint agent then changes its behavior baseline
2065
01:07:41,680 --> 01:07:43,200
for those specific machines.
2066
01:07:43,200 --> 01:07:44,360
Agents talk to agents.
2067
01:07:44,360 --> 01:07:45,280
They share context.
2068
01:07:45,280 --> 01:07:46,440
They reinforce each other.
2069
01:07:46,440 --> 01:07:49,320
The system gets smarter not because individual tools improve,
2070
01:07:49,320 --> 01:07:50,720
but because their collective reasoning
2071
01:07:50,720 --> 01:07:52,040
grows more sophisticated.
2072
01:07:52,040 --> 01:07:53,000
That's the fabric.
2073
01:07:53,000 --> 01:07:56,200
It isn't orchestrated by humans clicking buttons in a dashboard.
2074
01:07:56,200 --> 01:07:58,320
It isn't following static SOAR logic that breaks
2075
01:07:58,320 --> 01:07:59,920
the moment a variable changes.
2076
01:07:59,920 --> 01:08:03,000
It's orchestrated by agents passing signals through the system,
2077
01:08:03,000 --> 01:08:05,520
with each agent respecting the decisions of others,
2078
01:08:05,520 --> 01:08:08,560
and each adding the knowledge that makes the next agent smarter.
2079
01:08:08,560 --> 01:08:10,680
Your role as a human transforms into governance
2080
01:08:10,680 --> 01:08:12,160
and oversight of that fabric.
2081
01:08:12,160 --> 01:08:14,440
You aren't directing individual agents anymore.
2082
01:08:14,440 --> 01:08:16,720
You're setting the policies for how they interact,
2083
01:08:16,720 --> 01:08:19,400
what signals they share, and where their autonomy ends.
2084
01:08:19,400 --> 01:08:22,120
Because agent quality flows directly from signal quality,
2085
01:08:22,120 --> 01:08:24,840
detection engineering becomes the foundational human skill.
2086
01:08:24,840 --> 01:08:26,760
Organizations serious about agentic defense
2087
01:08:26,760 --> 01:08:28,240
will invest in detection engineering
2088
01:08:28,240 --> 01:08:30,560
the same way they used to invest in SIEM deployments.
2089
01:08:30,560 --> 01:08:33,160
You aren't looking for small holes in detection logic anymore.
2090
01:08:33,160 --> 01:08:36,080
You're looking at the detection fabric as a complete system.
2091
01:08:36,080 --> 01:08:39,240
If detections generate too much noise, you scale them back.
2092
01:08:39,240 --> 01:08:41,080
If they're missing certain classes of attacks,
2093
01:08:41,080 --> 01:08:42,720
you expand the signal patterns.
2094
01:08:42,720 --> 01:08:45,160
If different agents start contradicting each other,
2095
01:08:45,160 --> 01:08:47,240
you reconcile the underlying logic.
2096
01:08:47,240 --> 01:08:49,000
This work happens every single day.
2097
01:08:49,000 --> 01:08:52,320
It isn't an annual exercise. It's the heartbeat of the organization.
2098
01:08:52,320 --> 01:08:55,600
The learning loop that starts with feedback accelerates at scale.
2099
01:08:55,600 --> 01:08:57,720
In a large environment, you might see tens of thousands
2100
01:08:57,720 --> 01:08:59,720
of analyst overrides every month.
2101
01:08:59,720 --> 01:09:01,120
Each one of those carries context
2102
01:09:01,120 --> 01:09:03,880
about your specific environment and your unique risk tolerance.
2103
01:09:03,880 --> 01:09:07,320
That feedback doesn't just fix one agent. It propagates.
2104
01:09:07,320 --> 01:09:09,040
When an analyst tells a phishing agent
2105
01:09:09,040 --> 01:09:11,320
that a specific sender is actually trusted,
2106
01:09:11,320 --> 01:09:14,320
that correction teaches every downstream agent too.
2107
01:09:14,320 --> 01:09:16,640
The organization becomes increasingly intelligent
2108
01:09:16,640 --> 01:09:19,360
about what actually matters in its own context.
2109
01:09:19,360 --> 01:09:22,680
We're seeing regulatory frameworks for AI agents emerge right now.
2110
01:09:22,680 --> 01:09:24,360
In five years, they'll be the standard.
2111
01:09:24,360 --> 01:09:27,640
You'll have to prove that your agents operate within defined guardrails
2112
01:09:27,640 --> 01:09:29,400
and that their behavior is auditable.
2113
01:09:29,400 --> 01:09:31,080
You'll need to show that feedback loops
2114
01:09:31,080 --> 01:09:33,760
don't accidentally encode organizational blind spots.
2115
01:09:33,760 --> 01:09:36,320
You'll need to ensure that autonomous decisions
2116
01:09:36,320 --> 01:09:38,320
are reversible or low-consequence.
2117
01:09:38,320 --> 01:09:39,440
These aren't obstacles.
2118
01:09:39,440 --> 01:09:42,760
They're the structure that makes autonomous agents trustworthy at scale.
2119
01:09:42,760 --> 01:09:44,680
Governance stops being an overhead cost
2120
01:09:44,680 --> 01:09:47,040
and becomes the foundation of the entire operation.
2121
01:09:47,040 --> 01:09:49,320
This coordination extends beyond your own walls.
2122
01:09:49,320 --> 01:09:52,320
Third-party agents will integrate directly into your fabric.
2123
01:09:52,320 --> 01:09:54,360
A vulnerability scanner from a vendor works
2124
01:09:54,360 --> 01:09:55,800
within your governance framework.
2125
01:09:55,800 --> 01:09:57,520
A threat intelligence agent from a provider
2126
01:09:57,520 --> 01:09:59,360
feeds signals into your detection layer.
2127
01:09:59,360 --> 01:10:01,600
A compliance agent validates that your posture
2128
01:10:01,600 --> 01:10:03,120
meets specific mandates.
2129
01:10:03,120 --> 01:10:05,400
These agents operate within the policies you define,
2130
01:10:05,400 --> 01:10:07,080
but they bring specialized expertise
2131
01:10:07,080 --> 01:10:08,800
your internal team doesn't have.
2132
01:10:08,800 --> 01:10:11,920
The fabric becomes permeable to trusted external intelligence.
2133
01:10:11,920 --> 01:10:15,040
Humans and agents eventually operate as a unified system
2134
01:10:15,040 --> 01:10:17,240
not because we taught agents to think like humans,
2135
01:10:17,240 --> 01:10:19,640
but because both are focused on the same goal.
2136
01:10:19,640 --> 01:10:21,360
Reducing organizational risk.
2137
01:10:21,360 --> 01:10:24,920
An agent prioritizes what you should investigate first based on impact.
2138
01:10:24,920 --> 01:10:27,680
You provide the feedback the agent needs to recalibrate.
2139
01:10:27,680 --> 01:10:30,600
An agent escalates a decision because it hit a boundary.
2140
01:10:30,600 --> 01:10:33,760
You adjust those boundaries based on the organization's appetite for risk.
2141
01:10:33,760 --> 01:10:35,720
The system has different parts with different roles,
2142
01:10:35,720 --> 01:10:37,760
but the incentives are finally aligned.
2143
01:10:37,760 --> 01:10:40,280
Career paths are already changing because of this reality.
2144
01:10:40,280 --> 01:10:41,960
Nobody's going to enter the security field
2145
01:10:41,960 --> 01:10:44,120
and spend five years manually processing alerts.
2146
01:10:44,120 --> 01:10:46,600
The fabric absorbs that work. Entry-level work
2147
01:10:46,600 --> 01:10:49,000
will be about understanding how agents reason
2148
01:10:49,000 --> 01:10:51,040
and how they integrate with the environment.
2149
01:10:51,040 --> 01:10:53,320
You'll learn detection engineering on day one.
2150
01:10:53,320 --> 01:10:55,920
You'll build your fundamentals in agentic defense.
2151
01:10:55,920 --> 01:10:57,640
From there you specialize in governance,
2152
01:10:57,640 --> 01:10:59,280
architecture or threat hunting.
2153
01:10:59,280 --> 01:11:01,520
The ladder isn't about moving from alert processing
2154
01:11:01,520 --> 01:11:03,160
to senior investigation.
2155
01:11:03,160 --> 01:11:04,880
It's about finding your niche in a system
2156
01:11:04,880 --> 01:11:07,920
where detection and response are already automated.
2157
01:11:07,920 --> 01:11:10,840
The vision here isn't human replacement, it's human elevation.
2158
01:11:10,840 --> 01:11:13,120
It's about analysts doing work that actually matters
2159
01:11:13,120 --> 01:11:14,960
instead of work that machines do better.
2160
01:11:14,960 --> 01:11:18,200
Decision making instead of data entry, strategy instead of reaction,
2161
01:11:18,200 --> 01:11:20,440
building the infrastructure that fuels the system
2162
01:11:20,440 --> 01:11:21,800
instead of being the fuel yourself.
2163
01:11:21,800 --> 01:11:23,000
That's the operating model.
2164
01:11:23,000 --> 01:11:24,520
That's what agentic defense enables
2165
01:11:24,520 --> 01:11:27,120
when you move toward a coordinated fabric.
2166
01:11:27,120 --> 01:11:29,720
Beyond the prompt, the prompt era is ending.
2167
01:11:29,720 --> 01:11:31,080
Chatting with your security data
2168
01:11:31,080 --> 01:11:34,040
or asking a chatbot for an analysis was just the introduction,
2169
01:11:34,040 --> 01:11:36,280
but it doesn't scale, it doesn't adapt fast enough
2170
01:11:36,280 --> 01:11:39,040
and it doesn't match the speed of the modern threat landscape.
2171
01:11:39,040 --> 01:11:41,240
The real future is the security agent fabric,
2172
01:11:41,240 --> 01:11:44,040
orchestrated systems learning continuously, validating each other
2173
01:11:44,040 --> 01:11:45,360
and adapting to your environment.
2174
01:11:45,360 --> 01:11:47,760
Your competitive advantage isn't just having agents.
2175
01:11:47,760 --> 01:11:49,240
It's how well you govern them
2176
01:11:49,240 --> 01:11:51,920
and how you integrate their insights back into the business.
2177
01:11:51,920 --> 01:11:52,880
Start small.
2178
01:11:52,880 --> 01:11:55,360
Deploy assistive agents on phishing and let them run
2179
01:11:55,360 --> 01:11:56,920
while you build your governance model.
2180
01:11:56,920 --> 01:11:59,040
Measure everything, watch the override patterns,
2181
01:11:59,040 --> 01:12:00,840
expand their autonomy gradually.
2182
01:12:00,840 --> 01:12:02,480
The analysts who thrive will be the ones
2183
01:12:02,480 --> 01:12:04,880
who become supervisors and detection engineers.
2184
01:12:04,880 --> 01:12:07,080
The organizations that win are those moving away
2185
01:12:07,080 --> 01:12:08,120
from human middleware.
2186
01:12:08,120 --> 01:12:09,960
This isn't about replacing humans.
2187
01:12:09,960 --> 01:12:11,120
It's about freeing them.

Founder of m365.fm, m365.show and m365con.net
Mirko Peters is a Microsoft 365 expert, content creator, and founder of m365.fm, a platform dedicated to sharing practical insights on modern workplace technologies. His work focuses on Microsoft 365 governance, security, collaboration, and real-world implementation strategies.
Through his podcast and written content, Mirko provides hands-on guidance for IT professionals, architects, and business leaders navigating the complexities of Microsoft 365. He is known for translating complex topics into clear, actionable advice, often highlighting common mistakes and overlooked risks in real-world environments.
With a strong emphasis on community contribution and knowledge sharing, Mirko is actively building a platform that connects experts, shares experiences, and helps organizations get the most out of their Microsoft 365 investments.









