Engineering safer automation at the edge of AI and security.
I build secure AI-agent workflows for SOC, SOAR, MCP, incident response, and cybersecurity automation — practical systems where AI can assist analysts safely, with policy, audit, and human approval built in.
Who is Saurabh Pati?
Saurabh Pati is a cybersecurity automation and AI security specialist focused on AI agent security, AI-SOC architecture, SOAR automation, MCP security, prompt injection defense, and human-in-the-loop incident response workflows. He designs guardrailed, auditable systems that let AI agents assist SOC analysts safely — with policy gates, scoped tools, and tamper-evident audit logs across SIEM, SOAR, and EDR platforms. He shares his AI-agent security research, hands-on labs, and write-ups publicly here.
Professional positioning
I work across SOAR engineering, AI security, incident-response automation, and agentic security workflows. I treat AI agents as production systems that need policy, scoping, and audit — not as smart text boxes connected to dangerous tools.
The day-to-day work is half playbook engineering, half threat modeling: shipping reusable SOAR patterns for SOCs, then making sure the agents that sit on top of them can be reviewed, replayed, and reasoned about.
What I work on
- SOAR playbook engineering for phishing, malware, EDR isolation, SIEM enrichment, and incident escalation.
- AI agent guardrails — policy gates, scoped tools, argument validation, redaction, and tamper-evident audit logs.
- MCP security tooling — proxies, allow-listing, and per-tool approval modes for Model Context Protocol servers.
- Incident response automation with explicit human-in-the-loop approval on consequential actions.
- Threat intelligence enrichment across VirusTotal, Shodan, AbuseIPDB, and internal CTI — normalized for agent consumption.
- Detection-to-action pipelines on QRadar, Sentinel, Splunk SOAR, Cortex XSOAR, IBM SOAR, Tines, and Chronicle.
Security automation philosophy
Automation earns trust by being boring and reviewable. The goal isn't autonomous response — it's giving analysts a faster, safer middle: deterministic enrichment, recommended branches, and a clear gate before anything changes state.
Three commitments shape every system:
- Guardrails before throughput. Scope tools first. Speed is a side-effect of safety, not a substitute for it.
- Humans on the consequential edges. Containment, blocking, notification — these stay human-approved by design.
- Audit as a first-class artifact. Every tool call, argument, and approval is logged, keyed to identity, and replayable.
Tools and platforms
Vendor-agnostic by design — the patterns matter more than the vendor, but the integrations are real.
Current focus areas
- MCP Guardian — a policy and audit layer in front of MCP servers, controlling which tools an agent may invoke and under which approval mode.
- Agent triage benchmarks — replayable evals for AI alert classification, with red-team prompts for tool misuse and exfiltration attempts.
- SOAR blueprint library — opinionated, tested playbook patterns that can be lifted across XSOAR, Tines, Sentinel, and QRadar.
- Human-in-the-loop UX — approval flows that surface exactly enough context for an analyst to make the call in seconds.
Why secure AI agents matter
SOC teams are already piloting AI agents on real telemetry. Without guardrails, those agents become a new attack surface — a privileged caller of SIEM, SOAR, and EDR APIs that can be manipulated through prompt injection or scope-stretched arguments.
The work is making sure the agents we ship are narrow, auditable, and reversible — so the productivity wins come without trading away the things SOCs exist to protect.
See the systems, not the slides.
Each project, case study, and topic page below is a slice of how this works in production — guardrails, playbooks, and approval flows you can read end-to-end.