Abstract
Security operations centers face a paradox: vast telemetry yet limited actionable insight. WitFoo’s research investigates how empathetic processing, temporal link analysis, and the principle of predestination of data can address this challenge by enabling AI systems to reason about context, causality, and evidentiary needs.
Empathetic Processing models analytics as a human‑centric dialogue: systems listen to diverse signals, resolve dissonance among conflicting narratives, and speak findings in role‑appropriate language for analysts, auditors, and executives. This approach reduces reliance on brittle parsers through NLP‑based intent comprehension and anticipates compliance requirements from the moment of ingestion—predestination of data—ensuring forensic completeness before incidents occur.
Temporal Link Analysis correlates events across time, constructing a resilient graph of nodes and edges from fully comprehended forensic artifacts. This enables evaluation against theories of crime and supports dynamic, object‑oriented analysis that adapts as new relationships emerge.
The session will explore:
- Understand design principles behind empathetic processing and predestination of data
- Apply temporal link analysis for long‑horizon correlation and attack path reconstruction
- Explore roles of ML, graph theory, LLMs, and NLP in emulating expert reasoning
- Assess how labeling, structuring, and pipeline strategies affect accuracy, speed, and cost
Attendees will gain insight into research directions shaping the next generation of AI‑driven SOC capabilities.
