Is AI Going to Make the SOC Redundant In the Next Couple of Years?
SOC Analyst here with three years' experience (5 years total of IT experience). I work for a smaller MSSP. My employer announced that they are working on implementing AI into the SOC. How they plan to do it is that the AI can look at typically low-tier alerts, have an automated workflow and close them if they are benign, and even send out emails to consumers if they feel they are malicious. Sounds good in theory and it's being touted as making the SOC less noisy. But if AI can take over those lower-tier alerts, how long before 90% of the SOC can be fully automated? Before AI can be trained to handle everything, including looking into EDRs?
I work for a smaller MSSP. I make less than six figures. I've been trying to move into IR with not much luck. But hearing what we can do with AI and how it will be implemented in the coming weeks does spook me. If my company can implement this, what are the bigger guys doing? What are the large companies, the larger MSSPs, FAANG and others working on? Is this the beginning of the end of the SOC as a career?
Like a lot of people in the career field. The job market seems awful. I've been continuing to upskill and gain more certs but it's been slow. I'm just worried that I am going to get laid off due to AI before I find something better.
What are you guys seeing at your employers?