TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources CYBERSECURITY OPERATIONS THREAT INTELLIGENCE INDUSTRY TRENDS Security Bosses Are All-In on AI. Here's Why CISOs are bullish on AI and have big plans to roll out future tools. We talk to Reddit CISO Frederick Lee and leading analyst Dave Gruber about how AI is working out in the real world, as well as its future promise. Dark Reading Staff,Dark Reading April 2, 2026 Dark Reading's Becky Bracken: Hello everybody and welcome back to Dark Reading Confidential. It's a podcast from the editors of Dark Reading, bringing you real world stories straight from the cyber trenches. Today I am joined by my colleague Alexander Culafi, who is going to talk to us today about AI in the security world. Alex? Dark Reading's Alexander Culafi: Thanks, Becky. Today we're going to be talking about AI deployments in the workplace and, more specifically, the security organization. Over the last two, three years, we've seen many companies try to pull AI in, some more successful, some less successful. We're obviously talking about LLMs, machine learning, that's AI, the way folks say AI today. And we're going to be talking a bit about how successful these deployments of security, AI tools, products, et cetera, have been. Frederick Lee, “Flee”, CISO of Reddit, thank you for joining me. And Dave Gruber, principal analyst, cybersecurity, at Omdia, thank you very much for joining us today. Related:RSAC 2026: AI Dominates, But Community Remains Key to Security There are many ways AI models are sold in the cybersecurity ecosystem today. Threat detection and analysis, automated incident response, and vulnerability management among them. Of the folks you talk to in your day-to-day life, or perhaps your own experience, how are you seeing teams take advantage of this new wave of machine learning, AI tech and practice? Flee, we'll start with you. Reddit's Frederick Lee: Yeah, oddly enough, this is one of those things where it's not just smoke and mirrors with regards to some of the new technology. We're not fully there with regards to actually the promise of LLMs. However, we are seeing some value. And in a lot of ways, you're actually seeing this, my team, other teams, especially here in Silicon Valley, for example, are getting a lot of value from the AI in LLMs, in particular with regards to actually automation and making some of that automation easier and more approachable for people that may not even actually [have taken] advantage of it in the past. LOADING... For example, you know, there is a vendor out there called Tines, and Tines was doing a lot of workflow, et cetera. Tines is now even easier to use because people can now actually talk to Tines effectively like you would another human. Where I've seen a lot of people leverage some of the existing infrastructure is actually literally taking some of the run books they have today, feeding those into LLMs, and turning those into agents to actually, you know, continue some of the operations, et cetera. And to some extent, leveraging AI to expand the coverage that a team can currently do today; not just coverage from the standpoint of like, Hey your attack surface, but literally like the hours we can actually get a response back to end users for various things. Related:Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense So, I'm seeing a lot of people leaning more into the automation and simplification aspects of it (AI) and on the simplification side one of the interesting things we're seeing in a lot of products are people using LLMs to essentially [input] human speech into various different programming languages — you know a great example of this would be things like BigQuery or Splunk — being able to now instead of you having to actually learn Splunk's query language or actually having to learn how to utilize BigQuery literally being when actually just type in, Hey give me information about this IP address, and the LLM itself then translating that into the appropriate queries to actually get the analysts back the data they want. Omdia's Dave Gruber: Yeah. So, if I can jump in here too, and give you a little bit on a broader industry perspective. And I loved your examples there. Thank you so much for being very specific about them. As we're talking about the use of AI, I wanted to just tee up sort of those two phases of how we were thinking about this over the course of the last 18 to 24 months. So, we've seen a tremendous amount of generative AI use that's been inserted into most of the core security tools and mechanisms. And people have become very familiar with and are using it pretty widely for lots of use cases. Many are which are, I'll call them horizontal use cases, things like automation for specific tasks might be data enrichment. It might be a malware sandbox or in sort of lot of the more traditional automation use cases that are now more dynamic in the way that we handle those. Related:AI and Quantum Are Forcing a Rethink of Digital Trust The other good horizontal example would be in summarization of an incident and it's helping take what otherwise would have been an arduous task for an analyst to write up a summary of a case and share that with other people. Now that's happening very, very quickly because general AI is one of the things that it does very, very well. The other use case that I'll talk about is a category of use cases, which is the vertical use cases. And for that, I'll zero in on things like threat intelligence analysis. And as we know, the ability to operationalize threat intelligence is one of the more challenging aspects, and any delay that takes place from when we gain access to threat intelligence until we can operationalize it within the infrastructure adds additional risk to the organization. And so, as we put AI to work to help us speed up that process, do more analysis, faster understand what's relevant specifically to my organization contextually, and then get that into the cycle. As we insert it into the tools and get it to the analysts, now we're more threat aware and we can respond faster and more accurately to threats as they happen. I've been doing research in this space quarterly now over the course of the last year and I'm absolutely amazed at how fast things are moving. And Flee, I know you've seen this in your world too. It sort of goes through the traditional net new tech adoption cycle, except on steroids. Things are moving very, very fast, right? So, what do we do when we first get new tech? Is we get our hands all over it and we're a little afraid of it. We're not sure what the boundaries of it are and we try to learn what to do with it. But once we understand the boundaries, once we understand how we can apply it, what it can do, suddenly it becomes a useful tool. R's Frederick Lee: Yeah. O's Dave Gruber: Quickly going through this cycle of like what's possible, well actually starting out with a little fear, and then understanding what's actually possible, then understanding what the boundaries are, and then we start putting it to work, now we can narrow it down, and Flee just named several use cases that are more specific to that. Like after we understand what's possible, then we can put that to work. Guess what? People are seeing some pretty significant value right away, so some pretty good news there. R's Frederick Lee: I love the reference to kind of like how we traditionally introduce tools in the security world. And one of the more interesting things is this, at least for me, you can see Gray Beard and all that, is probably one of the first times or maybe one of the rarer cases where a new technology came out that security practitioners were excited about, where they were actually seeing, Hey, there's actually something here that might be promising to me, not just another bit of technology you have to actually figure out how to secure. Now, obviously, we're still thinking about, how do I secure LLMs? But I think immediately a lot of security practitioners saw that promise as something that helps expand what we can actually do inside of security. So, I think it's also part of the reason we're actually seeing that rapid iteration of development as well as that rapid iteration of adoption by security teams. O's Dave Gruber: Yeah, right on. And there is excitement. But I got to say, like a year ago, when I started asking the question to both practitioners and security leaders, the leaders were more motivated at what was possible, of course, than necessarily the practitioners were. There was a fair amount of just nervousness and cautiousness in approaching things. But boy, I'll tell you, over the last three research cycles that I've gone through right up until now, now there's, I'll call it what it is, it's excitement about what's possible, not only excitement about like how I can get my job done better, but excitement about the promise for making my life better and maybe my career prospects better going forward too. So that's a big flip. I'm not saying there's not still some caution with certain people, but for the more you get your hands on this stuff, the more excited you get. DR's Alexander Culafi: The risks that have come with some of this new LLM technology are fairly well established to some extent. For example, with Vibe coding, AI coding tools, which is not exactly the same thing, but is relevant to security, AI generated code has a tendency to introduce vulnerabilities when there's no experienced human engineer auditing, working alongside, making sure stuff is pushed to production safely. For some of these security use cases, whether it's what you were mentioning, Flee, or, you know, this malware sandboxing, threat intelligence, et cetera, what sort of risks do organizations need to watch out for? And I'll sta