Scrut DAST: Get continuous runtime security unified with compliance
Go back to blogs

Risk Grustlers EP 16 | Rethinking the dependability of AI agents

Last updated on
October 13, 2025
min. read

In this Black Hat special episode of Risk Grustlers, Edward Wu, Founder and CEO of Dropzone AI, joins Aayush Ghosh Choudhury, Co-Founder and CEO of Scrut, for a candid look at what dependable AI agents really mean for the future of cybersecurity.

Edward shares how Dropzone’s AI SOC analysts are automating Tier-1 investigations, shrinking response times from hours to minutes, and giving security teams the bandwidth to focus on proactive defense. The discussion unpacks the meaning of dependability in AI, why context trumps raw intelligence, and why humans will remain essential even as agents take on more responsibility.

Here are some key highlights from the episode.

Aayush: Tell us about your journey before Dropzone and what made you start the company.
Edward: Before Dropzone, I spent eight years at ExtraHop building network detection and response products. During that time, I wrote hundreds of behavioral detection modules and worked with many SOC teams. What I consistently saw was not a shortage of alerts but a shortage of people who could handle them. 

Teams were drowning in data and had no realistic way to investigate everything. I realized the real value would not come from creating more alerts but from automating the investigative work that burns out analysts. That realization was the seed for Dropzone.

Aayush: At Black Hat, everyone seems to be positioning themselves as an AI company. How is your approach different?
Edward: AI has become a buzzword. Many products today add a thin AI wrapper without addressing real pain points. Our approach is deeper. We focus on replacing Tier-1 analyst work by autonomously investigating alerts end-to-end. 

Instead of giving analysts another dashboard to check, we provide them with completed investigations that are ready for review. The goal is not just efficiency but to give teams the equivalent of ten times more capacity so they can finally cover alerts that used to be ignored.

Aayush: You talk a lot about “dependability.” What does that mean in the context of AI agents?
Edward: Dependability has two pillars. The first is accuracy and quality of output. Our system must perform at least as well as a human Tier-1 analyst, with safeguards so mistakes don’t break production or cost jobs.

Second, data stewardship, i.e., customers must trust how their data is handled. That means SOC 2 compliance, strict “no training on customer data” policies (including subprocessors), single-tenant deployments for data isolation, and even AI-specific penetration testing. Without that, adoption stalls.

Dependability is not a marketing term for us. It is the foundation on which customers decide whether they can integrate our technology into their mission-critical operations.

Aayush: Accuracy is tricky with non-deterministic systems like AI. How do you ensure reliability?
Edward: We treat quality control as a continuous process. Every day, experienced human analysts review a sample of investigations across deployments. They measure false positives, false negatives, and identify scenarios where the system struggles. 

This feedback not only keeps us honest but also drives improvements. We are upfront with customers that the system will not be perfect, but we design guardrails so that a mistake never brings down production systems or puts jobs at risk. 

Accuracy plus safeguards is what makes the technology usable in the real world.

Aayush: Does this mean agents are replacing humans or working alongside them?
Edward: They are creating capacity that did not exist before. Most SOCs simply ignore a huge percentage of alerts because there are not enough analysts. With agents, those alerts are finally investigated. 

For service providers, this means they can cut their SLAs from 90 minutes to 20 minutes, which is a real competitive advantage. For enterprises, it means threats that would have gone unseen are now being caught. 

This is not about displacing the workforce. It is about giving teams superpowers they could never afford otherwise.

Aayush: How do customers get comfortable giving more autonomy to AI?
Edward: We model it after hiring a new analyst. At first, the system only comments on alerts and provides recommendations. 

As trust grows, customers allow it to close false positives automatically. Eventually, they expand its authority to conditional containment actions such as quarantining a host during off-hours. 

Autonomy expands gradually and always with a human in the loop. That way, confidence builds naturally, and customers feel in control of the delegation process.

Aayush: Beyond intelligence, you highlight the importance of context. Why is that so critical?
Edward: Intelligence without context produces bad decisions. Every environment is unique, with its own policies, tools, and quirks. We address this with a two-part approach. 

First, we use federated learning to improve globally without sharing customer data. Second, we specialize locally by reading historical tickets and case notes to understand each organization’s norms. 

This allows the AI to act less like a generic tool and more like a trained analyst who understands the culture and practices of the specific team.

Aayush: How does this change the role of human analysts in the SOC?
Edward: I see Tier-1 roles gradually disappearing, but in a good way. Those tasks are repetitive and better done by software. 

Analysts will move into higher-value work such as consulting with business leaders, reducing attack surfaces, and designing defenses. AI effectively lowers the cybersecurity poverty line.

Companies that could never afford large teams now gain access to serious capabilities, and analysts can focus on proactive strategy rather than endless firefighting.

Aayush: Looking ahead, what excites you most about AI in cybersecurity?
Edward: I am excited by the potential to move the industry from reactive firefighting to proactive defense. Today, most teams spend their time putting out fires. 

With AI handling routine investigations, they can finally invest in long-term improvements like reducing exposed attack surfaces or developing stronger policies. 

AI will not eliminate the need for humans, but it will make the human role more interesting, creative, and impactful. 

That shift can make cybersecurity not only more effective but also more fulfilling for the people in the field.

Liked the post? Share on:

Authored by
Table of contents
Example H2
h3
Example H3
h4
Example H4
h5
Example H5
h6
Example H6
Subscribe to our newsletter
Get monthly updates and curated industry insights
Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Join our community and be the first to know about updates!

Subscribe
I agree to receive marketing insights and other communications from Scrut Automation.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related Posts

Compliance Essentials
Information Security Compliance: Meaning, Regulations, Benefits
Scrut Updates
Introducing Scrut DAST: Continuous Runtime Security Unified with Compliance
Compliance Security
The illusion of security: Why your clean pen-test report is a false comfort

Ready to see what security-first GRC really looks like?

The Scrut Platform helps you move fast, stay compliant, and build securely from the start.

Book a Demo
Book a Demo
Platform
Why ScrutExplore the PlatformSimplify ComplianceStreamline AuditsEmpower Your EmployeesMonitor Cyber RiskAssess Third-Party RiskValidate User PrivilegesManage Asset InventoryDemonstrate TrustAI-Powered GRCIntegrate Your Tech Stack
Frameworks
SOC 2ISO 27001GDPRPCI DSSHIPAANIST AI RMFCustom FrameworksAll Frameworks
Company Stages
StartupGrowthEnterprise
Industry
Enterprise SoftwareFinancial ServicesHealthcareTravel and TourismEducation
Resources
BlogEbooksPodcastSuccess StoriesWebinarsEventsGlossaryFAQs
Hubs
SOC 2 HubISO 27001 HubHIPAA HubExplore All Hubs
Partners
Become a PartnerFind a Partner
Company
CustomersAboutCareersNewsroomSecurity
TrustTerms of UsePrivacy PolicyCookies Policy
© 2024 Scrut Automation. All Rights Reserved.