Most individuals know the story of Paul Bunyan. An enormous lumberjack, a trusted axe, and a problem from a machine that promised to outpace him. Paul doubled down on his outdated approach of working, swung more durable, and nonetheless misplaced by 1 / 4 inch. His mistake was not shedding the competition. His mistake was assuming that effort alone might outmatch a brand new form of software.
Safety professionals are going through the same second. AI is our trendy steam-powered noticed. It’s sooner in some areas, unfamiliar in others, and it challenges a whole lot of long-standing habits. The intuition is to guard what we all know as a substitute of studying what the brand new software can truly do. But when we comply with Paul’s strategy, we’ll discover ourselves on the unsuitable facet of a shift that’s already underway. The precise transfer is to study the software, perceive its capabilities, and leverage it for outcomes that make your job simpler.
AI’s Function in Every day Cybersecurity Work
AI is now embedded in virtually each safety product we contact. Endpoint safety platforms, mail filtering methods, SIEMs, vulnerability scanners, intrusion detection instruments, ticketing methods, and even patch administration platforms promote some type of “clever” decision-making. The problem is that the majority of this intelligence lives behind a curtain. Distributors shield their fashions as proprietary IP, so safety groups solely see the output.
This implies fashions are silently making threat selections in environments the place people nonetheless carry accountability. These selections come from statistical reasoning, not an understanding of your group, its individuals, or its operational priorities. You can not examine an opaque mannequin, and you can’t depend on it to seize nuance or intent.
That’s the reason safety professionals ought to construct or tune their very own AI-assisted workflows. The objective is to not rebuild industrial instruments. The objective is to counterbalance blind spots by constructing capabilities you management. While you design a small AI utility, you establish what information it learns from, what it considers dangerous, and the way it ought to behave. You regain affect over the logic shaping your surroundings.
Eradicating Friction and Elevating Velocity
A big portion of safety work is translational. Anybody who has written advanced JQ filters, SQL queries, or common expressions simply to tug a small piece of data from logs is aware of how a lot time that translation step can eat. These steps decelerate investigations not as a result of they’re tough, however as a result of they interrupt your stream of thought.
AI can take away a lot of that translation burden. For instance, I’ve been writing small instruments that put AI on the entrance finish and a question language on the again finish. As a substitute of writing the question myself, I can ask for what I would like in plain English, and the AI generates the proper syntax to extract it. It turns into a human-to-computer translator that lets me deal with what I’m making an attempt to research fairly than the mechanics of the question language.
In follow, this permits me to:
Pull the logs related to a selected incident with out writing the JQ myself
Extract the information I want utilizing AI-generated SQL or regex syntax
Construct small, AI-assisted utilities that automate these repetitive question steps
When AI handles the repetitive translation and filtration steps, safety groups can direct their consideration towards higher-order reasoning — the a part of the job that truly strikes investigations ahead.
It is usually vital to keep in mind that whereas AI can retailer extra info than people, efficient safety just isn’t about understanding every little thing. It’s about understanding easy methods to apply what issues within the context of a company’s mission and threat tolerance. AI will make selections which can be mathematically sound however contextually unsuitable. It can approximate nuance, nevertheless it can’t actually perceive it. It could possibly simulate ethics, nevertheless it can’t really feel accountability for an final result. Statistical reasoning just isn’t ethical reasoning, and it by no means will probably be.
Our worth throughout offensive, defensive, and investigative roles just isn’t in memorizing info. It’s in making use of judgment, understanding nuance, and directing instruments towards the precise outcomes. AI enhances what we do, however the selections nonetheless relaxation with us.
How Safety Professionals Can Start: Expertise to Develop Now
A lot of at present’s AI work occurs in Python, and for a lot of safety practitioners it has historically felt like a barrier. AI adjustments that dynamic. You possibly can specific your intent in plain English and have the mannequin produce a lot of the code. The mannequin will get you a lot of the approach there. Your job is to shut the remaining hole with judgment and technical literacy.
That requires a baseline stage of fluency. You want sufficient Python to learn and refine what the mannequin generates. You want a working sense of how AI methods interpret inputs so you may acknowledge when the logic drifts. And also you want a sensible understanding of core machine studying ideas so you realize what the software is doing beneath the floor, even in case you are not constructing full fashions your self.
With that basis, AI turns into a power multiplier. You possibly can construct focused utilities to research inner information, use language fashions to compress info that will take hours to course of manually, and automate the routine steps that decelerate investigations, offensive testing, and forensic workflows.
Listed here are concrete methods to start out creating these capabilities:
Begin with a software audit: Map the place AI already operates in your surroundings and perceive what selections it’s making by default.
Have interaction actively together with your AI methods: Don’t deal with outputs as closing. Feed fashions higher information, query their outcomes, and tune behaviors the place attainable.
Automate one weekly process: Decide a recurring workflow and use Python plus an AI mannequin to streamline a part of it. Small wins construct momentum.
Construct gentle ML literacy: Be taught the fundamentals of how fashions interpret directions, the place they break, and easy methods to redirect them.
Take part in group studying: Share what you construct, examine approaches, and study from others navigating the identical transition.
These habits compound over time. They flip AI from an opaque function inside another person’s product right into a functionality you perceive, direct, and use with confidence.
Be part of me For a Deeper Dive at SANS 2026
AI is altering how safety professionals work, nevertheless it doesn’t diminish the necessity for human judgment, creativity, and strategic pondering. While you perceive the software and information it with intent, you develop into extra succesful, not much less needed.
I will probably be masking this matter in larger element throughout my keynote session at SANS 2026. If you would like sensible and actionable steerage for strengthening your AI fluency throughout defensive, offensive, and investigative disciplines, I hope you may be a part of me within the room.
Register for SANS 2026 right here.Word: This text was expertly authored by Mark Baggett, SANS Fellow.
Discovered this text fascinating? This text is a contributed piece from one in all our valued companions. Observe us on Google Information, Twitter and LinkedIn to learn extra unique content material we publish.
