SOC Blind Spots: The Threats That Always Get Through and Why You Don’t Detect Them

Show Notes

Is your SOC ready for the new era of GenAI attacks?

In this episode, Ahmed Achchak sits down with Jai Minton, Senior Manager of Hunt & Response at Huntress, to break down how attackers consistently bypass even “mature” SOCs by abusing legitimate tools, blending into normal behavior, and operating in places defenders rarely monitor closely.

This conversation is for SOC leaders who want to understand:

→ Which intrusion patterns slip past EDR and SIEM without triggering alerts

→ Where telemetry is silently missing, shallow, or unusable when it matters

→ Why malware-free attacks are harder to catch than most teams expect

→ How weak signals can reveal early-stage intrusions, if you know how to connect them

→ What detection strategies no longer scale against how attackers operate today

Agenda

00:00 – Why SOC blind spots still exist

00:58 – Intrusion patterns that evade even mature SOCs

03:09 – Why context is the real detection problem

04:01 – Telemetry SOCs think they have (but actually don’t)

05:48 – Why logs are missing in the first place

07:00 – The weak signals attackers can’t avoid

08:19 – Can detection of weak signals actually scale?

10:20 – AI on offense: what SOCs are unprepared for

13:48 – Structural detection failures hunters see everywhere

14:45 – Redesigning detection for how attackers operate today

Follow Jai Minton on LinkedIn: https://www.linkedin.com/in/jaiminton/

Follow Ahmed Achchak on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/

Stay tuned for updates from Qevlar AI: https://www.linkedin.com/company/qevlar

Curious how Qevlar AI helps SOCs connect weak signals and surface real intrusions earlier? Head to: qevlar.com