Antisyphon Training Anticasts

Effective AI for Practical SecOps Workflows w/ Hayden Covington



🧦 SOC Summit 2026
https://www.antisyphontraining.com/event/soc-summit/


Which AI workflows are already running in production SOCs right now, and which ones could you implement by next week?

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits:
https://poweredbybhis.com

🛝 Webcast Slides:
https://www.antisyphontraining.com/wp-content/uploads/2026/01/Effective-AI-for-Practical-SecOps.pdf

✏️ Learn from Hayden on Antisyphon Training:
https://www.antisyphontraining.com/search/Hayden

Join Hayden Covington (Black Hills Infosec - SOC SecOps Lead) for a free one-hour training session to learn how to augment security analysts with AI through practical, tested workflows.
Cut through the noise of vendor demos, hype, and ChatGPT wrappers.

Hayden will teach you practical AI workflows that help analysts work faster and smarter without replacing their judgment.
Learn real techniques for detection engineering, case management, and QA, plus where AI truly helps (and where it doesn’t) so you can apply it right away.

Chat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel

Chapters:

  • (00:00) - INTRO – 2026-01-28 Effective AI Hayden
  • (02:41) - About Hayden
  • (03:45) - What This Session Is (and Isn't)
  • (04:38) - Let's Get Something Straight
  • (06:23) - What Augmentation Actually Looks Like
  • (12:15) - Before You Implement Anything...STOP
  • (13:26) - Consideration: Cost
  • (18:42) - Consideration: Policy & Legal
  • (20:53) - Consideration: Data Sensitivity
  • (21:33) - Consideration: Team Buy-In
  • (23:47) - Consideration: PEBKAC
  • (28:07) - How We'll Break Down the Use Cases
  • (29:26) - Start This Week! – AI Projects: Curated Team Agents
  • (32:24) - Building a Good Agent
  • (33:30) - Detection Code Review Agent
  • (35:43) - Detection Code Review: Example Prompt (GH)
  • (37:13) - Why Markdown and Change Controlled Prompts Win
  • (38:50) - Start This Week! – SOC Analyst Agent
  • (40:32) - SOC Analyst Agent: Example Prompt
  • (42:08) - Other Agent Examples
  • (43:05) - Quick Wins: Raycast InfoSec Extensions
  • (44:56) - Raycast Example
  • (45:24) - Build This Month! – Case Management: Alert Titles & Summaries
  • (46:35) - Case Management: Example
  • (47:22) - Case Management: Sample Implementation
  • (48:20) - Build This Month! – Quality Assurance: Automated Ticket Review
  • (48:56) - QA Workflow Options
  • (49:57) - QA: What It Catches
  • (50:27) - QA: Sample Prompt
  • (51:49) - Build This Month! – Detection Engineering: First-Draft Generation
  • (53:24) - Detection Engineering Workflow
  • (54:16) - Detection Engineering: Starter Approach
  • (54:57) - Detection Engineering: Sample Prompt
  • (57:10) - Where AI Often Fails
  • (59:39) - Key Takeaways
  • (01:00:43) - Resources & Next Steps
  • (01:02:09) - QA Start
  • (01:05:01) - Patterson's Workshop

  • Creators & Guests
    • Hayden Covington - Guest
    • Meagan Bentley - Producer
    • Jason Blanchard - Host
    • CJ Cox - Guest
    • Patterson Cake - Guest

    • Brought to you by:

      Black Hills Information Security 

      https://www.blackhillsinfosec.com


      Antisyphon Training

      https://www.antisyphontraining.com/


      Active Countermeasures

      https://www.activecountermeasures.com


      Wild West Hackin Fest

      https://wildwesthackinfest.com
