VentureBeat

CrowdStrike, Cisco and Palo Alto Networks all shipped agentic SOC tools at RSAC 2026 — and all three missed the same gap

CrowdStrike CEO George Kurtz highlighted in his RSA Conference 2026 keynote that the fastest recorded adversary breakout time has dropped to 27 seconds. The average is now 29 minutes, down from 48 ...
heise online

Lakewatch: Databricks introduces agent-based Open SIEM with Claude integration

With Lakewatch, Databricks presents an open SIEM based on Lakehouse. AI agents are intended to automatically detect and triage threats in data pools. The company Databricks has introduced Lakewatch, a ...

10 ChatGPT AI Prompts L1 SOC Analysts Can Use in Their Daily Work

Discover 10 practical ChatGPT prompts SOC analysts can use to speed up triage, analyze threats, improve documentation, and ...
GitHub

Julien-ser/splunk-mcp-integration

Mission: A sample project where an AI agent acts as a Splunk security user, implementing the Splunk MCP (Message Control Protocol) app. This project implements a custom MCP (Message Control Protocol) ...
GitHub

Incident Handling with Splunk.md

This room covers an incident handling scenario using Splunk. An incident, from a security perspective, is any event or action that has a negative consequence on the security of a user, computer, or ...