The worlds of IT security and operations are being pulled together and AI is a catalyst that's making it happen. The focus on observability that's been part of the DevOps movement, is playing an important role in improving security effectiveness and Scott Crawford, Mark Ehr and Mike Fratto return to look at how this is happening with host Eric Hanselman. Security teams have always wrestled with making effective use of telemetry data from the infrastructure and applications they are securing. Correlating data from just the security tooling is hard enough, let alone adding operational data to the mix. Security Information and Event Management (SIEM) systems came into existence many years ago specifically to address this problem, but they were complex to configure and operate and needed tending to stay accurate. The volumes of data coming from observability initiatives was promising, but new approaches were required and AI and ML have been key to unlocking that value.

Once again, we've hit an opportunity where it's all about the data and getting it to where it can be put to work. The Open Telemetry project simplified data interchange, but the question remained as to where all of this data had to live. It's not practical to get all of the data in one place, but data fabrics and federation can manage access effectively. Better correlation opens the door to many possibilities, including building a single source of truth for IT assets. There's a lot of benefit to bringing security and operations together.

More S&P Global Content:

• AI for security: Agentic AI will be a focus for security operations in 2025
• AI in action: unleashing agentic potential

For S&P Global subscribers:

• 2026 Trends in Information Security
• Deal Analysis: Palo Alto Acquires Chronosphere
• Big Picture Report: 2026 AI Outlook – Unleashing agentic potential

Credits:

• Host/Author: Eric Hanselman
• Guests: Scott Crawford, Mark Ehr, Mike Fratto
• Producer/Editor: Feranmi Adeoshun
• Published With Assistance From: Sophie Carr, Kyra Smith