Oudy Even Haim
Oudy is a senior cybersecurity research program manager at Microsoft, where he leads the content quality and next-generation LLM-based detection framework strategy for Microsoft XDR and SIEM. With over 15 years of experience, Oudy brings a unique blend of hands-on expertise, offensive mindset and deep knowledge of SOC operations, purple teaming, and AI-driven detection. Prior to Microsoft, he led offensive security and research programs at EY and critical infrastructure practice at PwC, including national-scale initiatives such as Israel’s ICS National Cybersecurity Lab (ICNL) design and program management. Oudy has also served in key cybersecurity and leadership roles within the Israeli Prime Minister’s Office, focusing on OT security, cyber resilience, and secure architecture for classified environments. His current research program focuses on evolving SOCs from reactive data analysis to wisdom-driven detection pipelines using cognitive AI agents. Oudy holds an M.Sc. in Nuclear Engineering, a B.Sc. in Electrical Engineering, multiple GIAC certifications, and regularly instructs advanced cybersecurity courses.
Session
Modern SOCs are overwhelmed with data but short on insight and talent. This session introduces a cognitive detection framework that transforms traditional detection logic into a reasoning engine powered by SLM/LLM-based AI agents. These agents act like seasoned analysts: linking subtle signals, reconstructing attack timelines, prioritizing and guiding decisions based on business impact and intent. The session outlines the pipeline, from alert enrichment to automated response, orchestrated by specialized agents designed to elevate detection from raw data to operational wisdom. With a demo and real-world KPIs, attendees will walk away with a blueprint for building a smarter, leaner, and more impactful SOC.