When a Managed SOC becomes a commodity and response is already automated, fundamental questions arise:

To what extent does a SOC still need engineers who write detection rules, develop individual use cases, and integrate customer infrastructure? Are analysts still needed to manually review alerts and communicate with customers so they can respond effectively? And do we still need consultants to explain what the Blue Team actually observed? AI is undoubtedly changing the rules of the game – but how exactly? Will the Blue Team become obsolete as SOCs are increasingly offered as SaaS? Or should we place greater emphasis on the threat landscape to present the Blue Team with new challenges that AI cannot solve?

Experience Eileen Walther, General Manager of Northwave DACH, live on ...