Send a text AI is moving into security operations fast, but the uncomfortable truth is that “autonomous SOC” talk can create more risk than it removes. I sit down with Ken Weston, Senior Solutions Engineer at LimaCharlie, to get brutally practical about agentic AI in cybersecurity, what it can reliably automate today, and where humans still need to be firmly in the loop. We dig into how AI changes Level 1 and Level 2 analyst work, why the cybersecurity skills gap may actually get worse before it gets better, and how sloppy AI-assisted coding can quietly introduce new vulnerabilities. Then we switch gears into a wild hacker story that starts with stolen camera gear and ends with a lesson on EXIF metadata, OSINT, and real-world investigations. Ken explains how camera make, model, and serial numbers embedded in images can be mined and searched, why many platforms now scrub metadata, and what that means for privacy and forensics when companies may still archive data behind the scenes. We close with a clear-eyed look at the 2026 SOC: hybrid AI as “cyborg security,” MCP servers, Cloud Code style automation, guardrails for production, and the looming data pipeline problem of token costs and compute. If you’re modernizing your SIEM, EDR, MDR workflows, or cloud security operations, you’ll leave with sharper questions to ask vendors and a safer way to experiment without handing the keys to a black box. Subscribe, share this with a security leader who needs a reality check, and leave a review with your biggest question about AI in the SOC. Ken Westin is currently Senior Solutions Engineer at LimaCharlie, and an adjunct cybersecurity instructor at Lewis & Clark College. He has beenin the cybersecurity field for over two decades, working with companies to improve their security posture through threat hunting, insider threat programs, and vulnerability research.In the past, he has worked closely with law enforcement helping to unveil organized crime groups. His work has been featured in Wired, Forbes, New York Times, Good Morning America, and others, and he is regularly reached out to as an expert in cybersecurity, cybercrime, data science, and surveillance.
