Who is Saurabh Pati?

Saurabh Pati is a cybersecurity automation and AI security specialist focused on AI agent security, AI-SOC architecture, SOAR automation, MCP security, prompt injection defense, and human-in-the-loop incident response workflows. He designs guardrailed, auditable systems that let AI agents assist SOC analysts safely — with policy gates, scoped tools, and tamper-evident audit logs across SIEM, SOAR, and EDR platforms. He shares his AI-agent security research, hands-on labs, and write-ups publicly here.

Positioning

Professional positioning

I work across SOAR engineering, AI security, incident-response automation, and agentic security workflows. I treat AI agents as production systems that need policy, scoping, and audit — not as smart text boxes connected to dangerous tools.

The day-to-day work is half playbook engineering, half threat modeling: shipping reusable SOAR patterns for SOCs, then making sure the agents that sit on top of them can be reviewed, replayed, and reasoned about.

Scope

What I work on

  • SOAR playbook engineering for phishing, malware, EDR isolation, SIEM enrichment, and incident escalation.
  • AI agent guardrails — policy gates, scoped tools, argument validation, redaction, and tamper-evident audit logs.
  • MCP security tooling — proxies, allow-listing, and per-tool approval modes for Model Context Protocol servers.
  • Incident response automation with explicit human-in-the-loop approval on consequential actions.
  • Threat intelligence enrichment across VirusTotal, Shodan, AbuseIPDB, and internal CTI — normalized for agent consumption.
  • Detection-to-action pipelines on QRadar, Sentinel, Splunk SOAR, Cortex XSOAR, IBM SOAR, Tines, and Chronicle.
Philosophy

Security automation philosophy

Automation earns trust by being boring and reviewable. The goal isn't autonomous response — it's giving analysts a faster, safer middle: deterministic enrichment, recommended branches, and a clear gate before anything changes state.

Three commitments shape every system:

  • Guardrails before throughput. Scope tools first. Speed is a side-effect of safety, not a substitute for it.
  • Humans on the consequential edges. Containment, blocking, notification — these stay human-approved by design.
  • Audit as a first-class artifact. Every tool call, argument, and approval is logged, keyed to identity, and replayable.
Stack

Tools and platforms

Vendor-agnostic by design — the patterns matter more than the vendor, but the integrations are real.

SOAR & SIEM
IBM SOAR
Cortex XSOAR
Splunk SOAR
Tines
QRadar
Microsoft Sentinel
Chronicle
Google SecOps
EDR & Threat Intel
CrowdStrike
SentinelOne
VirusTotal
Shodan
AbuseIPDB
AI & Automation
Python
MCP
Claude
OpenAI
LangChain
FastAPI
Docker
GitHub Actions
Focus

Current focus areas

  • MCP Guardian — a policy and audit layer in front of MCP servers, controlling which tools an agent may invoke and under which approval mode.
  • Agent triage benchmarks — replayable evals for AI alert classification, with red-team prompts for tool misuse and exfiltration attempts.
  • SOAR blueprint library — opinionated, tested playbook patterns that can be lifted across XSOAR, Tines, Sentinel, and QRadar.
  • Human-in-the-loop UX — approval flows that surface exactly enough context for an analyst to make the call in seconds.
Why It Matters

Why secure AI agents matter

SOC teams are already piloting AI agents on real telemetry. Without guardrails, those agents become a new attack surface — a privileged caller of SIEM, SOAR, and EDR APIs that can be manipulated through prompt injection or scope-stretched arguments.

The work is making sure the agents we ship are narrow, auditable, and reversible — so the productivity wins come without trading away the things SOCs exist to protect.

What's next

See the systems, not the slides.

Each project, case study, and topic page below is a slice of how this works in production — guardrails, playbooks, and approval flows you can read end-to-end.