The D3 Blog
Learn about the latest from D3 and the world of cybersecurity, with news, analysis, and more.
-
Palo Alto Says XSOAR’s Successor Is a Rebuild. That Makes the Destination Your Call.
Cortex AgentiX is XSOAR’s named successor, and reaching it means a migration. See how to migrate off XSOAR without re-platforming your SIEM.
-
The Most Dangerous Answer in the SOC Is a Confident One
Accuracy on a good day is the wrong measure of an AI SOC. What matters is what it does when it doesn’t know, and why…
-
Designing an AI SOC That Fails Toward a Human
Fail-open is a design principle: when an AI SOC can’t reach a reliable conclusion, it defaults to human review. Here’s the architecture.
Filter by category:
Search blog:
-
Autonomous SOCPalo Alto Says XSOAR’s Successor Is a Rebuild. That Makes the Destination Your Call.
Cortex AgentiX is XSOAR’s named successor, and reaching it means a migration. See how to migrate off XSOAR without re-platforming your SIEM.
-
Autonomous SOCThe Most Dangerous Answer in the SOC Is a Confident One
Accuracy on a good day is the wrong measure of an AI SOC. What matters is what it does when it doesn’t know, and why…
-
Autonomous SOCDesigning an AI SOC That Fails Toward a Human
Fail-open is a design principle: when an AI SOC can’t reach a reliable conclusion, it defaults to human review. Here’s the architecture.
-
Compliance, IndustryNIS2, Sovereignty, and Automation: Inside Germany’s SOC Market with Johannes Kresse
Johannes Kresse on NIS2 compliance, AI adoption, and data sovereignty reshaping German SOCs, plus the SOC map bringing transparency to Germany’s MSSP market.
-
Autonomous SOCDoes “AI SOC” Solve Alert Fatigue?
40% of alerts never get investigated. See how an accountable agentic AI SOC delivers full coverage with Attack Path Discovery and Adaptive Tasking.
-
Autonomous SOCThe Playbook Estate Problem: When Your SOAR Needs a Full-Time Owner
Year one with a playbook SOAR is exciting. Year three, an engineer owns it full-time. The agentic SOC question nobody budgets for at renewal.
-
Autonomous SOCEvaluating SOC Automation Vendor Risk in 2026
SOC automation vendor risk is the chance your platform is acquired, repriced, or re-platformed before you recoup your investment. Here’s a five-factor framework.
-
Autonomous SOCThe SOAR Maintenance Tax: Why Playbook Inventories Don’t Scale in 2026
Why SOAR deployments built on large Python playbook inventories hit a maintenance wall, what it costs in dedicated headcount, and how investigation-first architectures (Attack Path…
-
Autonomous SOCWhen Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up
Can your SOC triage thousands of Mythos findings in 24 hours? NIS2, CRA, and DORA are all waiting. Miss one clock and the penalties begin.