{"id":3345,"date":"2026-07-07T16:01:54","date_gmt":"2026-07-07T14:01:54","guid":{"rendered":"https:\/\/neverhack.com\/b\/?p=3345"},"modified":"2026-07-07T16:07:49","modified_gmt":"2026-07-07T14:07:49","slug":"the-challenges-of-applying-ai-in-todays-soc","status":"publish","type":"post","link":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/","title":{"rendered":"The challenges of applying AI in today&#8217;s SOC"},"content":{"rendered":"\n<p>Artificial intelligence has evolved in a very short time from an experimental technology into a common element in virtually every aspect of our lives. Its popularity has grown to such an extent that, in some cases, it almost seems to have become a trend where every product or service needs to include the term &#8220;AI&#8221; in order to appear attractive, even when the actual value it delivers is questionable.<\/p>\n\n\n\n<p>Security Operations Centers (SOCs) are no exception. More and more tools, platforms and processes are incorporating artificial intelligence capabilities with the aim of improving threat detection, investigation and incident response.<\/p>\n\n\n\n<p>However, beyond the market hype, the reality is that AI is not a passing trend. It is here to stay and will profoundly transform the way SOCs\u2014and cybersecurity as a whole\u2014operate. As with any disruptive technology, its adoption must be approached with a clear understanding of both its capabilities and its limitations.<\/p>\n\n\n\n<p>The question is no longer whether AI will become part of security operations, but rather how it can be applied effectively to generate real value without creating unrealistic expectations.<\/p>\n\n\n\n<p>The reflections shared in this article are based on our experience working with SOCs of different sizes, industries and service models, identifying which approaches generate tangible value and which tend to remain initiatives with little impact on day-to-day operations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-soc-facing-an-increasingly-complex-environment\"><strong>The SOC facing an increasingly complex environment<\/strong><\/h2>\n\n\n\n<p>Modern SOCs are flooded with information. Every new tool, integration or corporate asset generates additional events that must be analyzed, correlated and prioritized.<\/p>\n\n\n\n<p>The problem is no longer the lack of data. The real challenge is separating the signal from the overwhelming amount of noise.<\/p>\n\n\n\n<p>At the same time, threats continue to evolve while the shortage of skilled cybersecurity professionals remains one of the industry&#8217;s greatest challenges.<\/p>\n\n\n\n<p>In this context, AI emerges as an opportunity to increase operational capacity without proportionally increasing the resources required. The promise is compelling: reduce repetitive tasks, accelerate investigations, and help identify meaningful threats within enormous volumes of information.<\/p>\n\n\n\n<p>However, introducing AI into a SOC is not simply a matter of enabling a new feature or deploying a large language model. The real challenge lies in identifying where it adds value, how it integrates into existing processes, and how its actual impact can be measured.<\/p>\n\n\n\n<p>There is also one fundamental question that cannot be ignored: is the cost of AI truly aligned with the value it brings to security operations?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-general-purpose-ai-vs-specialized-ai\"><strong>General-purpose AI vs. specialized AI<\/strong><\/h2>\n\n\n\n<p>One of the first debates that arises in any AI initiative is the choice between general-purpose models and specialized models.<\/p>\n\n\n\n<p>General-purpose models stand out for their ability to understand natural language, summarize information, generate documentation and assist during investigations. They are particularly useful for tasks involving contextual analysis and knowledge generation.<\/p>\n\n\n\n<p>However, certain activities require in-depth knowledge of threats, vulnerabilities, offensive techniques or security telemetry. In these cases, specialized models often deliver better results.<\/p>\n\n\n\n<p>That said, specialization also brings greater maintenance requirements, continuous updates and, in many cases, higher costs.<\/p>\n\n\n\n<p>In our experience, hybrid approaches generally provide the best balance between accuracy, flexibility and economic sustainability. Combining general-purpose models with specialized intelligence sources and operational context enables highly competitive results without unnecessarily increasing architectural complexity.<\/p>\n\n\n\n<p>We are also adopting <strong>Retrieval-Augmented Generation (RAG)<\/strong> architectures, where SOC-specific knowledge, internal procedures, asset inventories and corporate documentation remain outside the model and are only provided when required.<\/p>\n\n\n\n<p>In simple terms, the model does not store corporate information directly. When it receives a query, an external system searches for the relevant information in authorized sources such as technical documentation, internal procedures, inventories, CMDBs, knowledge bases, ticketing systems or threat intelligence repositories, providing the model only with the context required to generate its response.<\/p>\n\n\n\n<p>In this scenario, an analyst could ask questions without any prior model training, such as:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"577\" src=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1-1024x577.png\" alt=\"\" class=\"wp-image-3346\" srcset=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1-1024x577.png 1024w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1-300x169.png 300w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1-150x84.png 150w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1-768x433.png 768w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/Imagen1.png 1298w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What is our corporate password policy?<\/li>\n\n\n\n<li>Show me the containment procedure for this type of incident.<\/li>\n\n\n\n<li>Do we have any Internet-facing assets vulnerable to <strong>CVE-2025-XXXX<\/strong>?<\/li>\n\n\n\n<li>Generate executive report X.<\/li>\n<\/ul>\n\n\n\n<p>This approach reduces costs, simplifies information updates and eliminates the need to continuously retrain specialized models.<\/p>\n\n\n\n<p>In most enterprise environments, combining general-purpose models, RAG architectures and specialized intelligence sources typically delivers better results at lower cost than developing and maintaining proprietary AI models. Training dedicated models may be appropriate in very specific scenarios, but it is rarely the most efficient starting point.<\/p>\n\n\n\n<p>Within a SOC, the problem is rarely a lack of artificial intelligence; the problem is usually a lack of context. And that is precisely where RAG architectures are proving to be most valuable.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ai-in-the-cloud-or-on-premises\"><strong>AI in the cloud or on-premises<\/strong><\/h2>\n\n\n\n<p>Another of the most common debates revolves around where artificial intelligence should be deployed.<\/p>\n\n\n\n<p>Cloud platforms provide rapid access to advanced models, enormous computing capacity and lower barriers to entry. This makes it possible to accelerate adoption and reduce deployment times, although costs can increase significantly with intensive use.<\/p>\n\n\n\n<p>However, SOCs handle highly sensitive information. Activity logs, incident details, internal configurations and indicators of compromise may all be subject to regulatory or privacy requirements that determine where this information can be processed.<\/p>\n\n\n\n<p>For this reason, many organizations continue to opt for on-premises deployments when they need to maintain complete control over the information being processed, even though response times may be slower or the available models may not be as powerful as those offered through cloud platforms.<\/p>\n\n\n\n<p>Between these two approaches, a third alternative is also emerging as a particularly interesting option: using cloud-based AI models on data that has been previously anonymized or pseudonymized.<\/p>\n\n\n\n<p>Under this approach, sensitive information such as user names, internal IP addresses, system names or critical assets is temporarily replaced with neutral identifiers before being sent to the model. Once the response has been generated, a local process automatically restores the original context.<\/p>\n\n\n\n<p>This allows the model to leverage its full analytical capabilities without requiring direct access to the organization&#8217;s sensitive information.<\/p>\n\n\n\n<p>Although this approach introduces some additional complexity into the integration process, it significantly reduces the risks associated with privacy, regulatory compliance and the exposure of corporate information.<\/p>\n\n\n\n<p>Another key factor must also be considered: cost. Cloud services generate recurring expenses based on resource consumption, while on-premises deployments require investments in infrastructure, computing capacity and specialized personnel.<\/p>\n\n\n\n<p>It is also important to assess the risk of <strong>vendor lock-in<\/strong>. Building critical processes around a single AI provider or platform can make future migrations more difficult, reduce technological flexibility and increase long-term evolution costs. Whenever possible, organizations should therefore prioritize open, loosely coupled architectures that facilitate interoperability and the replacement of individual components.<\/p>\n\n\n\n<p>There is no universal answer. The right decision depends on the balance each organization wishes to strike between capability, control, risk and cost.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-where-ai-delivers-real-value-within-the-soc\"><strong>Where AI delivers real value within the SOC<\/strong><\/h2>\n\n\n\n<p>Although the market continuously presents new use cases, there are already several areas where AI is delivering clearly measurable benefits.<\/p>\n\n\n\n<p>Experience shows that the most successful projects are rarely the most technologically complex. More often than not, they are the ones where there is a clear relationship between the effort invested and the operational benefits achieved.<\/p>\n\n\n\n<p>Below is a summary of the areas where AI is most commonly delivering value within the SOC.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"885\" height=\"590\" src=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-1.png\" alt=\"\" class=\"wp-image-3354\" srcset=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-1.png 885w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-1-300x200.png 300w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-1-150x100.png 150w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-1-768x512.png 768w\" sizes=\"auto, (max-width: 885px) 100vw, 885px\" \/><\/figure>\n\n\n\n<p><strong>Alert triage and prioritization<\/strong><\/p>\n\n\n\n<p>Alert management remains one of the greatest challenges for any SOC.<\/p>\n\n\n\n<p>AI can enrich events, correlate information from multiple sources and prioritize investigations based on actual risk. This enables analysts to spend less time on repetitive tasks and more time focusing on activities that provide greater value.<\/p>\n\n\n\n<p>From an operational perspective, the objective is not to replace analysts, but to enable each professional to manage a greater number of alerts with improved consistency and quality.<\/p>\n\n\n\n<p><strong>Incident investigation<\/strong><\/p>\n\n\n\n<p>Collecting and analyzing information consumes a significant portion of analysts&#8217; time.<\/p>\n\n\n\n<p>Modern AI models can consolidate information from multiple tools, generate summaries, build timelines and present relevant context much faster than traditional investigation processes.<\/p>\n\n\n\n<p>This accelerates investigations and allows analysts to focus their efforts on activities that truly require expert judgment.<\/p>\n\n\n\n<p><strong>Threat hunting<\/strong><\/p>\n\n\n\n<p>AI is also facilitating proactive threat hunting activities.<\/p>\n\n\n\n<p>The ability to translate questions written in natural language into queries for SIEMs, EDRs or analytics platforms lowers technical barriers and significantly accelerates investigative workflows.<\/p>\n\n\n\n<p><strong>Vulnerability management<\/strong><\/p>\n\n\n\n<p>Intelligent vulnerability prioritization is another area where AI is proving particularly valuable.<\/p>\n\n\n\n<p>Correlating asset criticality, exposure, threat intelligence and operational context makes it possible to focus remediation efforts on vulnerabilities with the highest likelihood of exploitation and the greatest potential business impact.<\/p>\n\n\n\n<p><strong>Documentation automation<\/strong><\/p>\n\n\n\n<p>Generating technical, executive or post-incident reports continues to represent a considerable workload for many security teams.<\/p>\n\n\n\n<p>AI makes it possible to reduce the time devoted to these tasks while improving the consistency and quality of communications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-data-quality-remains-critical\"><strong>Data quality remains critical<\/strong><\/h2>\n\n\n\n<p>There is a common misconception that AI will automatically solve existing structural problems within security operations.<\/p>\n\n\n\n<p>The reality is very different.<\/p>\n\n\n\n<p>AI models are entirely dependent on the quality of the data they receive. Incomplete asset inventories, inconsistent telemetry or poorly integrated systems severely limit their ability to generate reliable results.<\/p>\n\n\n\n<p>Another common mistake is sending the model large volumes of information that add little value to the analysis. Filtering relevant data beforehand not only improves the quality of the responses, but also reduces costs and minimizes the unnecessary exposure of sensitive information.<\/p>\n\n\n\n<p>Across numerous projects, we have found that the main obstacles are rarely related to the AI technology itself. Instead, they stem from existing issues involving visibility, data governance or operational maturity.<\/p>\n\n\n\n<p>AI can amplify existing capabilities, but it is unlikely to correct fundamental weaknesses in security processes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-challenge-of-return-on-investment-roi\"><strong>The challenge of return on investment (ROI)<\/strong><\/h2>\n\n\n\n<p>One of the biggest misconceptions today is assuming that adopting AI will automatically reduce costs.<\/p>\n\n\n\n<p>Experience shows that this is not always the case.<\/p>\n\n\n\n<p>The costs are not limited to software licenses or infrastructure. Deploying AI solutions typically requires highly specialized professionals capable of combining expertise in cybersecurity, automation, platform integration, data engineering and artificial intelligence technologies.<\/p>\n\n\n\n<p>These professionals are scarce and their costs are significantly higher than those associated with many traditional IT roles.<\/p>\n\n\n\n<p>Furthermore, an AI solution does not end once it has been deployed. Models need to evolve, integrations must be maintained, and use cases must continuously adapt to changing operational requirements.<\/p>\n\n\n\n<p>AI is not a project. It is a capability that requires continuous evolution.<\/p>\n\n\n\n<p>For this reason, before launching any initiative, it is advisable to answer three simple questions:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>How many hours does this task currently consume?<\/li>\n\n\n\n<li>How much does it cost to perform it manually?<\/li>\n\n\n\n<li>What will be the actual cost of automating and maintaining it?<\/li>\n<\/ul>\n\n\n\n<p>In many cases, this exercise quickly identifies which initiatives have a realistic potential to generate a return on investment and which are unlikely to justify the required expenditure.<\/p>\n\n\n\n<p>It is also important to remember that not every task requires the most advanced AI model available. Activities such as classification, categorization or basic enrichment can often be handled by lighter, more cost-effective models, reserving the most powerful models for complex investigations and advanced analysis.<\/p>\n\n\n\n<p>As a result, not every organization can efficiently build and maintain these capabilities in-house.<\/p>\n\n\n\n<p><strong>Is the total cost of the solution lower than the cost of the tasks it is intended to optimize?<\/strong><\/p>\n\n\n\n<p>This remains one of the most important questions every security leader should ask.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-hallucinations-and-overconfidence\"><strong>Hallucinations and overconfidence<\/strong><\/h2>\n\n\n\n<p>Another significant challenge is the tendency to place excessive trust in AI-generated responses.<\/p>\n\n\n\n<p>Today&#8217;s models are capable of producing highly convincing explanations even when they contain errors or incorrect interpretations.<\/p>\n\n\n\n<p>In security operations, this can become particularly problematic, as an incorrect decision during an investigation may have significant consequences.<\/p>\n\n\n\n<p>Experience shows that the best results are achieved when AI automates thousands of repetitive, low-risk decisions, while critical decisions continue to remain under human supervision.<\/p>\n\n\n\n<p>For this reason, human oversight remains essential. AI should act as an assistant and a force multiplier, not as a replacement for professional judgment.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-securing-ai-systems\"><strong>Securing AI systems<\/strong><\/h2>\n\n\n\n<p>As these technologies become integrated into critical business processes, they also introduce a new attack surface.<\/p>\n\n\n\n<p>Prompt manipulation, exposure of sensitive information, data poisoning, or influencing model responses through malicious inputs are risks that are already becoming part of the security strategies adopted by many organizations.<\/p>\n\n\n\n<p>The security and governance of AI systems will become increasingly important components of cybersecurity programs.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-governance-and-oversight\"><strong>Governance and oversight<\/strong><\/h2>\n\n\n\n<p>Integrating artificial intelligence into critical processes also requires the implementation of clear governance mechanisms.<\/p>\n\n\n\n<p>Organizations must define which actions AI can perform autonomously, which require human validation, and how decisions made\u2014or recommended\u2014by AI models are audited.<\/p>\n\n\n\n<p>The greater the level of automation, the more important traceability, oversight and approval controls become.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ai-is-also-enhancing-attackers-capabilities\"><strong>AI is also enhancing attackers&#8217; capabilities<\/strong><\/h2>\n\n\n\n<p>Defensive teams are not the only ones adopting these technologies.<\/p>\n\n\n\n<p>Threat actors are using AI to create more convincing phishing campaigns, automate reconnaissance activities, personalize social engineering techniques and increase the efficiency of several stages of their operations.<\/p>\n\n\n\n<p>Although we are still far from fully autonomous attack scenarios, the improvements in speed, scalability and personalization are already evident.<\/p>\n\n\n\n<p>This forces SOCs to evolve at the same pace as the threats they are defending against.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-democratization-of-ai-through-soc-as-a-service\"><strong>The democratization of AI through SOC as a Service<\/strong><\/h2>\n\n\n\n<p>The reality is that not every organization has the same level of maturity, budget or technical capability to deploy advanced AI solutions on its own.<\/p>\n\n\n\n<p>While some large enterprises can justify significant investments in infrastructure, software licensing and specialized personnel, many medium-sized and smaller organizations find it difficult to sustain these costs over time.<\/p>\n\n\n\n<p>This is where <strong>SOC as a Service<\/strong> models are playing an increasingly important role.<\/p>\n\n\n\n<p>In large organizations, SOC services typically complement existing internal capabilities. AI is used to strengthen already mature teams by providing automation, specialized expertise and access to knowledge accumulated across multiple environments and industries.<\/p>\n\n\n\n<p>For medium-sized organizations, multi-tenant models allow infrastructure, platforms and advanced capabilities to be shared across different customers while maintaining strict data segregation. This approach distributes costs and makes technologies accessible that would otherwise be difficult to justify individually.<\/p>\n\n\n\n<p>Small businesses, meanwhile, often benefit the most from automation and AI. In many cases they do not have dedicated cybersecurity teams, so combining highly automated processes with expert supervision makes it possible to provide an appropriate level of protection with minimal human intervention.<\/p>\n\n\n\n<p>As a result, organizations of any size can now access capabilities that, only a few years ago, were reserved exclusively for large enterprises, such as <strong>Virtual CISO (vCISO)<\/strong> services.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-towards-an-ai-augmented-soc\"><strong>Towards an AI-augmented SOC<\/strong><\/h2>\n\n\n\n<p>The following represents the proposed roadmap for progressively enhancing AI capabilities within a traditional SOC, with the long-term objective of evolving towards an autonomous SOC as both the technology and governance models continue to mature.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"884\" height=\"589\" src=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image.png\" alt=\"\" class=\"wp-image-3353\" srcset=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image.png 884w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-300x200.png 300w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-150x100.png 150w, https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/image-768x512.png 768w\" sizes=\"auto, (max-width: 884px) 100vw, 884px\" \/><\/figure>\n\n\n\n<p>After working with SOCs of different sizes and service models, one conclusion consistently emerges: at the current stage of AI adoption, the best results are achieved when AI is used to augment analysts&#8217; capabilities\u2014not to replace them.<\/p>\n\n\n\n<p>Artificial intelligence excels at processing massive volumes of information, identifying patterns and automating repetitive tasks. Human professionals remain essential for interpreting complex contexts, managing crisis situations and making strategic decisions.<\/p>\n\n\n\n<p>AI is already transforming SOC operations. The question is no longer whether it should be adopted, but how to implement it in a way that is efficient, sustainable and aligned with business objectives.<\/p>\n\n\n\n<p>The organizations that will achieve the greatest success will not necessarily be those deploying the largest number of AI models or investing the biggest budgets. Instead, they will be the ones capable of identifying where AI delivers genuine value and applying it pragmatically.<\/p>\n\n\n\n<p>Ultimately, the success of artificial intelligence in a SOC will not be measured by the technology itself, but by its ability to improve threat detection, accelerate response times and strengthen the organization&#8217;s security without the cost of maintaining these capabilities outweighing the benefits they provide.<\/p>\n\n\n\n<p>At NEVERHACK, we specialize in a wide range of technology solutions related to information security and cybersecurity. If you would like to learn more about how AI can enhance your Security Operations Center or discuss the challenges facing your organization, our experts will be pleased to support you in finding the right solution.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Artificial intelligence has evolved in a very short time from an experimental technology into a common element in virtually every aspect of our lives. Its popularity has grown to such an extent that, in some cases, it almost seems to have become a trend where every product or service needs to include the term &#8220;AI&#8221; &hellip; <a href=\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\">Continued<\/a><\/p>\n","protected":false},"author":9,"featured_media":3358,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[70],"tags":[],"class_list":["post-3345","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trends"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.5 (Yoast SEO v26.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The challenges of applying AI in today&#039;s SOC - Neverhack<\/title>\n<meta name=\"description\" content=\"Explore the challenges of applying AI in today&#039;s SOC, from RAG and automation to governance, ROI and incident response.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The challenges of applying AI in today&#039;s SOC\" \/>\n<meta property=\"og:description\" content=\"Explore the challenges of applying AI in today&#039;s SOC, from RAG and automation to governance, ROI and incident response.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\" \/>\n<meta property=\"og:site_name\" content=\"Neverhack\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-07T14:01:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-07T14:07:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1108\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Arianna MENEGHIN\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Arianna MENEGHIN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\",\"url\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\",\"name\":\"The challenges of applying AI in today's SOC - Neverhack\",\"isPartOf\":{\"@id\":\"https:\/\/neverhack.com\/b\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg\",\"datePublished\":\"2026-07-07T14:01:54+00:00\",\"dateModified\":\"2026-07-07T14:07:49+00:00\",\"author\":{\"@id\":\"https:\/\/neverhack.com\/b\/#\/schema\/person\/4d3e6f40044e735a281c77350e020cb7\"},\"description\":\"Explore the challenges of applying AI in today's SOC, from RAG and automation to governance, ROI and incident response.\",\"breadcrumb\":{\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage\",\"url\":\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg\",\"contentUrl\":\"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg\",\"width\":2000,\"height\":1108,\"caption\":\"3D rendering artificial intelligence AI research of robot and cyborg development for future of people living. Digital data mining and machine learning technology design for computer brain.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/neverhack.com\/b\/en\/home-en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The challenges of applying AI in today&#8217;s SOC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/neverhack.com\/b\/#website\",\"url\":\"https:\/\/neverhack.com\/b\/\",\"name\":\"Neverhack\",\"description\":\"Advanced cybersecurity solutions\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/neverhack.com\/b\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/neverhack.com\/b\/#\/schema\/person\/4d3e6f40044e735a281c77350e020cb7\",\"name\":\"Arianna MENEGHIN\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The challenges of applying AI in today's SOC - Neverhack","description":"Explore the challenges of applying AI in today's SOC, from RAG and automation to governance, ROI and incident response.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/","og_locale":"en_US","og_type":"article","og_title":"The challenges of applying AI in today's SOC","og_description":"Explore the challenges of applying AI in today's SOC, from RAG and automation to governance, ROI and incident response.","og_url":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/","og_site_name":"Neverhack","article_published_time":"2026-07-07T14:01:54+00:00","article_modified_time":"2026-07-07T14:07:49+00:00","og_image":[{"width":2000,"height":1108,"url":"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg","type":"image\/jpeg"}],"author":"Arianna MENEGHIN","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Arianna MENEGHIN","Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/","url":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/","name":"The challenges of applying AI in today's SOC - Neverhack","isPartOf":{"@id":"https:\/\/neverhack.com\/b\/#website"},"primaryImageOfPage":{"@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage"},"image":{"@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage"},"thumbnailUrl":"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg","datePublished":"2026-07-07T14:01:54+00:00","dateModified":"2026-07-07T14:07:49+00:00","author":{"@id":"https:\/\/neverhack.com\/b\/#\/schema\/person\/4d3e6f40044e735a281c77350e020cb7"},"description":"Explore the challenges of applying AI in today's SOC, from RAG and automation to governance, ROI and incident response.","breadcrumb":{"@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#primaryimage","url":"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg","contentUrl":"https:\/\/neverhack.com\/b\/app\/uploads\/2026\/07\/AdobeStock_370280312-3.jpeg","width":2000,"height":1108,"caption":"3D rendering artificial intelligence AI research of robot and cyborg development for future of people living. Digital data mining and machine learning technology design for computer brain."},{"@type":"BreadcrumbList","@id":"https:\/\/neverhack.com\/b\/en\/blog\/the-challenges-of-applying-ai-in-todays-soc\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/neverhack.com\/b\/en\/home-en\/"},{"@type":"ListItem","position":2,"name":"The challenges of applying AI in today&#8217;s SOC"}]},{"@type":"WebSite","@id":"https:\/\/neverhack.com\/b\/#website","url":"https:\/\/neverhack.com\/b\/","name":"Neverhack","description":"Advanced cybersecurity solutions","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/neverhack.com\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/neverhack.com\/b\/#\/schema\/person\/4d3e6f40044e735a281c77350e020cb7","name":"Arianna MENEGHIN"}]}},"lang":"en","translations":{"en":3345},"pll_sync_post":[],"_links":{"self":[{"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/posts\/3345","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/comments?post=3345"}],"version-history":[{"count":5,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/posts\/3345\/revisions"}],"predecessor-version":[{"id":3362,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/posts\/3345\/revisions\/3362"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/media\/3358"}],"wp:attachment":[{"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/media?parent=3345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/categories?post=3345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/neverhack.com\/b\/wp-json\/wp\/v2\/tags?post=3345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}