Effective AI for Practical SecOps Workflows w/ Hayden Covington
🧦 SOC Summit 2026
https://www.antisyphontraining.com/event/soc-summit/
Which AI workflows are already running in production SOCs right now, and which ones could you implement by next week?
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits:
https://poweredbybhis.com
🛝 Webcast Slides:
https://www.antisyphontraining.com/wp-content/uploads/2026/01/Effective-AI-for-Practical-SecOps.pdf
✏️ Learn from Hayden on Antisyphon Training:
https://www.antisyphontraining.com/search/Hayden
Join Hayden Covington (Black Hills Infosec - SOC SecOps Lead) for a free one-hour training session to learn how to augment security analysts with AI through practical, tested workflows.
Cut through the noise of vendor demos, hype, and ChatGPT wrappers.
Hayden will teach you practical AI workflows that help analysts work faster and smarter without replacing their judgment.
Learn real techniques for detection engineering, case management, and QA, plus where AI truly helps (and where it doesn’t) so you can apply it right away.
Chat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel
Chapters:
- (00:00) - INTRO – 2026-01-28 Effective AI Hayden
- (02:36) - About Hayden
- (03:40) - What This Session Is (and Isn't)
- (04:33) - Let's Get Something Straight
- (06:18) - What Augmentation Actually Looks Like
- (12:10) - Before You Implement Anything...STOP
- (13:21) - Consideration: Cost
- (18:37) - Consideration: Policy & Legal
- (20:48) - Consideration: Data Sensitivity
- (21:28) - Consideration: Team Buy-In
- (23:42) - Consideration: PEBKAC
- (28:02) - How We'll Break Down the Use Cases
- (29:21) - Start This Week! – AI Projects: Curated Team Agents
- (32:19) - Building a Good Agent
- (33:25) - Detection Code Review Agent
- (35:38) - Detection Code Review: Example Prompt (GH)
- (37:08) - Why Markdown and Change Controlled Prompts Win
- (38:45) - Start This Week! – SOC Analyst Agent
- (40:27) - SOC Analyst Agent: Example Prompt
- (42:03) - Other Agent Examples
- (43:00) - Quick Wins: Raycast InfoSec Extensions
- (44:51) - Raycast Example
- (45:19) - Build This Month! – Case Management: Alert Titles & Summaries
- (46:30) - Case Management: Example
- (47:17) - Case Management: Sample Implementation
- (48:15) - Build This Month! – Quality Assurance: Automated Ticket Review
- (48:51) - QA Workflow Options
- (49:52) - QA: What It Catches
- (50:22) - QA: Sample Prompt
- (51:44) - Build This Month! – Detection Engineering: First-Draft Generation
- (53:19) - Detection Engineering Workflow
- (54:11) - Detection Engineering: Starter Approach
- (54:52) - Detection Engineering: Sample Prompt
- (57:05) - Where AI Often Fails
- (59:34) - Key Takeaways
- (01:00:38) - Resources & Next Steps
- (01:02:03) - QA Start
- (01:04:55) - Patterson's Workshop
Brought to you by:
Black Hills Information Security
Antisyphon Training
Active Countermeasures
Wild West Hackin Fest
Creators and Guests
Host
Jason Blanchard
Jason Blanchard has been happily adopted into the hacker community at Black Hills Information Security (BHIS) since 2019, even though he “works in marketing.” He’s had every dream job imaginable: teaching filmmaking, owning the world’s most famous comic book store, and fostering the infosec community efforts for SANS. While some at BHIS call him the “Director of Excitement,” he is formally known as the Excitement Co-Creator. In his day-to-day work of “sucking at capitalism,” Jason enjoys helping others, sharing his knowledge, and giving away lots of free stuff. When he’s not working, Jason spends time with his wife and daughter, hosts a semiweekly job-hunting Twitch stream, and enjoys writing short stories and performing stand-up comedy.
Guest
CJ Cox
CJ Cox is the Chief Operating Officer for Black Hills Information Security (BHIS). He joined the team in 2016 and is responsible for managing the day-to-day operations and business capture of BHIS. CJ has over 25 years of experience in the IT industry as a systems administrator as well as an information system security officer, manager, and engineer. CJ feels that this is his dream job and that his favorite parts are the people he gets to work with and making security better. He is a retired Marine reservist and father of 4 who enjoys skiing, camping, golfing, and playing chess in his free time.
Guest
Hayden Covington
Hayden Covington joined Black Hills Information Security (BHIS) in the Summer of 2022 as a SOC Analyst. He chose BHIS after hearing many great things over the years and seeing the quality of work, as well as finding people who have the same passion for the field as he does. His favorite part of the job so far has been the community. Previously, Hayden worked in a SOC for a Naval contractor, where he also served as their SOAR project manager and SME, as well as insider threat lead. When he’s not working, Hayden can be found doing anything athletic (like triathlons!), as well as enjoying video gaming and Formula 1.
Guest
Patterson Cake
Patterson Cake joined the Black Hills Information Security (BHIS) pirate ship in June of 2023 as a Security Consultant focusing primarily on detection engineering and digital forensics and incident response. He chose BHIS because, to paraphrase, “doing cool stuff with cool people” and “making the world a better/safer place” is exactly how he wants to spend his professional time and energy. It also helps that he has a bit of history with a couple of awesome folks that have been with BHIS for many moons. Prior to joining the team, Patterson helped build and lead a DFIR practice for an MSSP, worked as a senior security engineer for AWS Managed Services, and spent several years in enterprise cybersecurity, often healthcare related, focusing on intermingling offensive security and incident response in technical and leadership roles. Outside of work, he enjoys spending time with his family, which often involves motorcycles, outdoor sports, movies, and music.