Well these days, AI is taking over everywhere. In cyber space , we are hearing AI integration to tools like Splunk that can detect anomaly and patterns. Do you think 1st level response teams in SOC will be still needed? Do you see in future these jobs in that area going nowhere?
Current AI is like Big Data. A 1GB csv is apparently big data.
Eventually. Most companies are doing automated real time anomaly detection, very few are able to do self healing. Once many figure it out, there will be less tactical analysts, mostly a few experts who can tune or alter the AI program.
what's first level response in SoCs?