AI in the SOC: Interview with Hayden Covington and Ethan Robish from the BHIS SOC | Episode 40
Episode Description
In this episode of BHIS Presents: AI Security Ops, we sit down with Hayden Covington and Ethan Robish from the BHIS Security Operations Center (SOC) to explore how AI is actually being used in modern defensive operations.
From foundational machine learning techniques like statistical baselining and clustering to large language models assisting with alert triage and reporting, we dig into what works, what doesn’t, and what SOC teams should realistically expect from AI today.
We break down:
- How AI helps reduce alert fatigue and improve triage
- Practical automation inside a real-world SOC
- The difference between traditional ML approaches and LLM-powered workflows
- Foundational techniques like K-means, anomaly detection, and behavioral baselining
- Using LLMs for enrichment, investigation, and report drafting
- Where AI struggles: hallucinations, inconsistency, and edge cases
- Risks around over-trusting AI in security operations
- How to responsibly integrate AI into analyst workflows
This episode is grounded in real operational experience—not vendor demos. If you’re running a SOC, building AI tooling, or just trying to separate hype from reality, this conversation will help you think clearly about augmentation vs. automation in defensive security.
- (00:00) - Intro & Guest Introductions
- (04:44) - Alert Triage & SOC Pain Points
- (06:04) - Automation Inside the SOC
- (09:59) - “Boring AI”: Clustering, Baselining & Statistics
- (17:06) - AI-Assisted Reporting & Client Communication
- (18:34) - Limitations, Edge Cases & Model Risk
- (22:56) - Hallucinations & Inconsistent Outputs
- (25:04) - AI Demos vs. Real-World Security Work
- (28:35) - Final Thoughts & Closing
Creators & Guests
- Hayden Covington - Guest
- Ethan Robish - Guest
- Bronwen Aker - Host
- Derek Banks - Host
- Brian Fehrman - Host
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com