Let's SOC About It

D3 Security

Let's SOC About It is a cybersecurity podcast by D3 Security that answers the big and small questions in cybersecurity. Join Amy Tom in conversation with industry experts to explore the ins-and-outs of cybersecurity.

  1. 5 DAYS AGO

    Prompt Kiddies & AI Phishing: How Cybercriminals Are Using AI to Outsmart Your Security Stack

    Amy Tom sits down with Ali Alame, co-founder and CTO of CyberArmor, to talk about what's actually happening in the world of AI-generated phishing attacks. Ali shares what his team is seeing on the front lines: from 13-year-old hackers running phishing campaigns between classes, to criminal organizations running internship programs for budding cybercriminals. They dig into how attackers are bypassing AI guardrails on tools like ChatGPT and Grok, why MFA isn't the silver bullet we think it is, and why shutting down phishing sites may actually be doing more harm than good. If you think your security stack has you covered, this episode will make you think twice. In this episode, you'll learn: 🤔 How are cybercriminals using mainstream AI tools to build phishing kits, and why aren't the guardrails stopping them? 🧑‍💻 Who exactly are these attackers, and how young are they getting? 🐟 Why do Microsoft phishing kits dominate the threat landscape? 👀 If MFA can be hijacked, what does real protection actually look like? 😱 Is dark web threat intel actually useful, or is near real-time monitoring the smarter play? Ali Alame is CTO and co‑founder of CyberArmor, the company behind DarkArmor, a pre‑breach, pre‑dark‑web threat intelligence platform. With a background in cloud and security across IBM, Lululemon, and UBC, Ali focuses on turning attacker‑side telemetry into operational early warning for SOC teams, MSSPs, and large enterprises. Relevant links: Check out CyberArmor: https://cyberarmor.tech/ Follow Ali on LinkedIn: https://www.linkedin.com/in/aalame/

    27 min

  2. 12 FEB

    How do you unify Security Operations?

    They say modern SOCs are drowning in alerts. But what if the real problem is not the tools, it is the lack of strategy and unification? In this episode of the podcast, Amy Tom sits down with Reza Adineh, SOC Architect and Detection Engineer, to break down why today’s security operations models are fundamentally misaligned and what to do about it. Reza introduces his new framework, UTIOM - Unified Threat Informed Operational Model, designed to bring strategy, visibility, detection, and response into one cohesive cycle. In this episode, you'll learn:
 👉 Why most SOCs operate like “alert factories” and how that leads to burnout and false positives
 🎯 What it really means to protect your “crown jewels” and align detection to real threats
 🔁 Why strategy must guide tools, automation, and response, not the other way around
 🚀 How to communicate a unifying security vision across a 100 person SOC team If your SOC feels siloed, overwhelmed, or disconnected from the business it is meant to protect, this episode will challenge how you think about security operations and give you a blueprint to unify it. Relevant Links: Learn more about UTIOM: https://utiom.de/what-is-utiom/ Follow Reza on LinkedIn: https://www.linkedin.com/in/rezaadineh/ Follow Reza on GitHub: https://github.com/ReZaAdineH Timestamps: 00:00 Why is the current SOC operating model fundamentally broken?
 10:00 What does unification look like in practical terms inside a SOC?
 12:31 What does strategy actually look like in a real world example?
 18:17 How should a SOC analyst think about protecting crown jewels day to day?
 23:13 How do you unify strategy across a 100 person SOC team?
 24:06 How should detection engineers prioritize their rules?
 25:40 If starting from scratch, what should you prioritize first?
 27:10 How do you ensure every SOC team member truly understands the strategy?

    32 min

  3. 15 JAN

    Attack Paths, Not Alert Summaries (Why Morpheus AI Beats L1 Bots) with Gordon Benoit

    In this episode, D3 Security's President – Gordon Benoit – explains why the next step for the SOC is not just faster triage, but autonomous investigation built around attack paths. Learn how Morpheus connects behaviors across the stack, builds attack paths, and shows its work so engineers can trust it, tune it, and scale it. If you are comparing L1 bots to real autonomous investigation, this episode draws the line.

    27 min

  4. 20/11/2025

    Can AI Agents predict threats before they happen?

    They say that Agentic AI is the new hot topic of cybersecurity. But what does that really mean? How does Agentic AI work? Can AI take over cybersecurity functions like threat hunting and detection? In this episode of the podcast, you'll hear from Rob Goehring, CEO and Founder of Wisr AI, about Agentic AI. You'll learn: 👉 What happens when we use multiple AI threat intelligent agents? 😱 How is Agentic AI changing the way we do threat hunting and detection? 🙏 Will Agentic AI make us hyper-reliant on AI? Relevant links: Check our Wisr AI: https://wisr.ai/ Follow Wisr on LinkedIn: https://www.linkedin.com/company/wisr-ai/ Follow Rob on LinkedIn: https://www.linkedin.com/in/robgoehring/

    28 min

  5. 06/11/2025

    What does AI in the SOC look like?

    AI is changing the way SOCs function, pushing organizations to rethink technology, processes, and people. Filip Stojkovski, Founder of SecOps Unpacked and a cybersecurity veteran with 15 years of experience, joins us on the Let's SOC About It podcast to explore how SOC teams can gain value from implementing AI into their practices. Learn how to maximize your organization's ROI on AI SOC platforms, and ensure your processes and people evolve alongside it. Filip walks us through real lessons learned from his own experimentation with AI in the SOC. In this episode of Let's SOC About It, learn: 🔁 How is AI transforming the SOC space? 🧐 What are the three types of AI SOC types, and which one is right for your organization? 😱 Is your current security process ready for AI integration? ⚖️ How do you balance customizability, control, and cost with AI SOC implementation? Relevant links: Follow Filip Stojkovski's Blog, SecOps Unpacked: https://secops-unpacked.ai Connect with Filip on LinkedIn: https://www.linkedin.com/in/filipstojkovski

    32 min

  6. 24/10/2025

    Where does D3 Security fit in the AI SOC landscape?

    In this episode of the Let’s SOC About It podcast, Francis Odum gets a first look at Morpheus AI, D3 Security’s AI SOC platform. Amy Tom and David Torres dive into the use of AI in the SOC with Francis Odum, the Founder and Chief Cybersecurity Analyst of Software Analyst Cyber Research.In this episode, you’ll find out:🧐 How can AI eliminate the need for constant manual tuning of static playbooks?🕙 How will natural language querying impact analysts’ time?🧠 How does Morpheus provide intelligent guardrails that empower analysts without removing their control?🔎 What does a fully integrated, dynamic SOC look like with Morpheus AI?Relevant links:Read Francis’ AI SOC Market Landscape 2025 Report: https://d3security.com/resources/the-...Follow Francis on LinkedIn:   / francis-odum-0a8673100  Get a demo of Morpheus AI: https://d3security.com/demo/

    20 min

  7. 14/08/2025

    What happens inside cyber scam mills?

    In this episode of the Let's SOC About It podcast, Amy Tom chats with Sarim Khawaja, a Product Lead at Styx Intelligence, about the dangers of cyber scam mills. They discuss the growing threat of organized, factory-like operations that execute online scams on an industrial scale. In this episode, you'll learn: 🏭 What cyber scam mills are and how they operate 🌏 Why they are prevalent in Southeast Asia and other regions 🎭 What types of scams and targeting strategies they use 💼 What the impact is on individuals and businesses 🛡️ Best practices for organizational cybersecurity Relevant links: Follow Sarim on LinkedIn: https://www.linkedin.com/in/sarimkhawaja/Join the White Hat Security Community: https://www.linkedin.com/company/white-hat-security-community/Join PM Hive: https://www.linkedin.com/company/pmhivevan/Learn about Styx Intelligence: https://styxintel.com/

    24 min

  8. 29/07/2025

    How does reverse malware engineering work?

    Threat detection teams are on the frontlines of detecting, inspecting, and publishing findings on new threats. But how do they get there? And what does it take to understand and dissect malware?On this episode of the podcast, we're joined by Randy Pargman, the Senior Director of Threat Detection at Proofpoint, to ask him:🔄 How does reverse malware engineering work?🔎 How do you know what you’re looking for when things evolve so quickly? 🤔 How do you stay on top of evolving tactics from bad actors? Relevant links:💜 Read Proofpoint's threat insights blog: http://proofpoint.com/us/blog/threat-...💜 Follow Randy Pargman on LinkedIn:   / randy-pargman-131b773  💜 Check out DEATHCon: https://deathcon.io/

    37 min
See All (25)

About

Let's SOC About It is a cybersecurity podcast by D3 Security that answers the big and small questions in cybersecurity. Join Amy Tom in conversation with industry experts to explore the ins-and-outs of cybersecurity.

Information

  • Creator
    D3 Security
  • Years Active
    2024 - 2026
  • Episodes
    25
  • Rating
    Clean
  • Copyright
    © D3 Security
  • Show Website
    Let's SOC About It