Full episode and show notes

Why the traditional SOC model is broken – Matt Muller – BH25 #3

Live from the CyberRisk TV studio at Black Hat 2025 in Las Vegas, host Matt Alderman sits down with Matt Muller, Field CISO at Tines, for a deep-dive into how Security Operations Centers must evolve. From blowing up the outdated tier system to empowering junior analysts with AI, this conversation uncovers the real strategies driving next-gen cyber defense. Muller explains why traditional SOC models create burnout, how AI can flatten team structures, and why measuring the right metrics—like Mean Time to Detect—is critical for success. They tackle the balance of human + AI orchestration, the security challenges of non-human identities, and how to rethink access controls for a machine-augmented...

This episode is sponsored by
Full Segment Notes

Live from the CyberRisk TV studio at Black Hat 2025 in Las Vegas, host Matt Alderman sits down with Matt Muller, Field CISO at Tines, for a deep-dive into how Security Operations Centers must evolve. From blowing up the outdated tier system to empowering junior analysts with AI, this conversation uncovers the real strategies driving next-gen cyber defense.

Muller explains why traditional SOC models create burnout, how AI can flatten team structures, and why measuring the right metrics—like Mean Time to Detect—is critical for success. They tackle the balance of human + AI orchestration, the security challenges of non-human identities, and how to rethink access controls for a machine-augmented future.

If you care about SOC transformation, AI-driven security workflows, and cyber resilience at scale, this is the conversation you can’t afford to miss.

Watch until the end for practical insights you can start applying today in your own security operations.

This segment is sponsored by Tines. Visit https://securityweekly.com/tinesbh to learn more about them!

Key Moments
  • 0:00 - Welcome to BlackHat 2025: Final Interview with Matt Muller
  • 0:30 - The Broken SOC Model: Why Legacy Approaches Fail
  • 01:26 - SOC Origins and Why Burnout Persists
  • 02:49 - Rethinking the SOC: Flipping the Model
  • 03:48 - Empowering Junior Analysts with AI
  • 04:58 - Do We Still Need Tiers? Flattening the SOC Structure
  • 05:51 - Senior Analysts as Researchers & AI Architects
  • 07:22 - AI in the SOC: Co-Pilot vs. Full Automation
  • 08:28 - Tooling & Trust: Barriers to Full Automation
  • 10:06 - Human + AI Orchestration with Consensus Controls
  • 12:09 - Securing AI Agents: Identity, Access & Insider Threats
  • 14:21 - Measuring SOC Success: The Metrics That Matter
  • 15:25 - Closing Thoughts & Where to Learn More
Guest
Field CISO at Tines

Matt Muller is an accomplished security leader with over a decade of hands-on experience in cybersecurity. Currently serving as Field CISO at Tines, Matt leverages his deep understanding of security operations and product leadership to shape product and cybersecurity strategies. His extensive background, which includes leadership roles at Coinbase and Material Security, enables him to offer strategic guidance to clients on how to integrate security automation, orchestration, and AI into their organizations, driving stronger defenses and innovation in the rapidly evolving security landscape.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Segments

Related Content

You can skip this ad in 5 seconds