# Can You Build an AI SOC with Claude Code? The Reality vs. Hype

Page: https://stenobird.com/podcast/cloud-security-podcast-612345/can-you-build-an-ai-soc-with-claude-code-the-reality-vs-hype
Text version: https://stenobird.com/podcast/cloud-security-podcast-612345/can-you-build-an-ai-soc-with-claude-code-the-reality-vs-hype.md
Podcast: [Cloud Security Podcast](https://stenobird.com/podcast/cloud-security-podcast-612345)
Published: 2025-10-21T19:00:00+00:00
Episode link: https://podcasters.spotify.com/pod/show/cloudsecuritypodcast/episodes/Can-You-Build-an-AI-SOC-with-Claude-Code--The-Reality-vs--Hype-e39bnpm
Audio file: https://anchor.fm/s/10fb9928/podcast/play/109485302/https%3A%2F%2Fd3ctxlq1ktw2nl.cloudfront.net%2Fstaging%2F2025-9-21%2F409702111-44100-2-825b86c68a3f5.mp3
Processing state: not_requested
JSON: https://stenobird.com/v1/public/podcasts/cloud-security-podcast-612345/episodes/can-you-build-an-ai-soc-with-claude-code-the-reality-vs-hype
Duration seconds: 2859

## Resource

Can you just use Claude Code or another LLM to &quot;vibe code&quot; your way into building an AI SOC? In this episode, Ariful Huq , Co-Founder and Head of Product at Exaforce spoke about the reality being far more complex than the hype suggests. He explains why a simple &quot;bolt-on&quot; approach to AI in the SOC is insufficient if you're looking for real security outcomes. We speak about foundational elements required to build a true AI SOC, starting with the data. It's &quot;well more than just logs and event data,&quot; requiring the integration of config, code, and business context to remove guesswork and provide LLMs with the necessary information to function accurately . The discussion covers the evolution beyond traditional SIEM capabilities, the challenges of data lake architectures for real-time security processing, and the critical need for domain-specific knowledge to build effective detections, especially for SaaS platforms like GitHub that lack native threat detection . This is for SOC leaders and CISOs feeling the pressure to integrate AI. Learn what it really takes to build an AI SOC, the unspoken complexities, and how the role of the security professional is evolving towards the &quot;full-stack security engineer&quot;. Guest Socials -⁠ ⁠⁠⁠⁠⁠Ariful's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes -…

## Actions

- request_transcript: `POST https://stenobird.com/v1/public/podcasts/cloud-security-podcast-612345/episodes/can-you-build-an-ai-soc-with-claude-code-the-reality-vs-hype/transcription-requests` — Idempotently request low-priority transcript generation for this episode.
- read_markdown: `GET https://stenobird.com/podcast/cloud-security-podcast-612345/can-you-build-an-ai-soc-with-claude-code-the-reality-vs-hype.md` — Read the agent-friendly Markdown representation of this episode resource.

A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed.

## Transcript

Full transcripts are not published on public pages unless there is a clear rights basis.