Salesforce's Mor Levi on Transforming Security Operations with AI Agents

What does AI in security operations actually look like at scale? In this episode of Detection at Scale, Mor Levi, VP of Detection, Analysis, & Response at Salesforce, shares her team's hands-on experience with Agent Force — from achieving 90% automation in initial case triage to setting ambitious goals for full automation. 

Her conversation with Jack goes deep into the practical realities: integrating AI with existing tools, evolving analyst roles, and why human creativity matters more than ever. Through candid discussion and real-world examples, Mor shares both the successes and challenges of bringing AI into enterprise security, offering valuable lessons for teams at any stage of their AI journey.

Topics discussed:

• Implementing generative AI agents for security operations, achieving 90% automation in initial triage while maintaining effectiveness and reliability.
• Securing LLM implementations through comprehensive threat modeling, focusing on data access controls and potential abuse scenarios.
• Integrating AI agents with existing SOAR platforms to create powerful automation workflows while maintaining operational control.
• Evolution of security analyst roles as AI handles routine tasks, emphasizing strategic thinking and hypothesis development.
• Importance of data quality and systematic implementation in training effective security-focused AI agents.
• Strategies for maintaining consistency and reliability in AI-driven security operations through proper prompt engineering.
• Building effective guardrails and controls for AI systems while enabling powerful automation capabilities.
• Balancing automation with human oversight to ensure security effectiveness and maintain operational integrity.
• Future trends in AI-driven security operations and the increasing importance of creative problem-solving skills.
• Practical advice for implementing AI in security operations, emphasizing focused use cases and clear success criteria.