SOC & AI: From detection to anticipation

Axians 360 echoes this vision, showcasing how Axians works hand in hand with Cisco across six technical areas to turn flagship technologies, such as AI and XDR, into real operational value. In cybersecurity, this partnership accelerates within the SOC, where speed, context, and intelligence are now critical to staying ahead of increasingly sophisticated threats. 

Stéphane Ben Oliel, Head of Cybersecurity Solutions at Axians France, shared insights from the past year on how the company has refined its Security Operations Center (SOC) strategy.  

With extensive experience in cybersecurity and a focus on operational excellence, Ben Oliel discusses how AI and modern technologies such as Cisco’s XDR are transforming the way Axians protects its clients, accelerating detection, enhancing responses, and empowering analysts to stay ahead of increasingly sophisticated adversaries.

One year on, what is the main takeaway from using AI in real SOC operations at Axians France? 

AI has become a daily, indispensable tool for SOC analysts. It operates like a built-in assistant, accelerating detection and response, and helping automate complex, repetitive tasks. As a result, teams can focus on meaningful threats and significantly reduce analysis and reaction times. 

With attackers also using AI, are we now in a cybersecurity arms race? 

In many ways, yes. AI has changed the cybersecurity landscape, enabling attackers to scale reconnaissance and exploit vulnerabilities faster. To keep pace, defenders must adopt AI-enabled tools to match or exceed that speed. Given the shortage of skilled professionals, AI is essential to amplify human capabilities rather than replace them. 

What does Cisco XDR bring to a SOC? 

Cisco XDR correlates and enriches data from diverse sources, going beyond traditional SIEM approaches. It pre-qualifies alerts and provides analysts with enriched context, helping distinguish real threats from noise. This elevates efficiency and enables analysts to focus on the incidents that matter most. 

What worked better than expected and what was more challenging when deploying AI and Cisco XDR? 

Technologically, the tools worked very well. The challenge was market adoption: many organizations were comfortable with basic EDR and slower to move toward a full XDR model. This adoption curve, coupled with economic constraints, extended the timeframe for widespread deployment. 

How has AI changed the role of SOC analysts beyond simply automating tasks? 

AI has freed analysts from repetitive tasks, giving them time to engage in deeper investigation and higher-value work. Level 1 analysts are now progressing faster in their skills and contributing more meaningfully to incident response, which boosts satisfaction and retention. 

Are we moving toward predictive cybersecurity, or does AI mainly speed detection and response? 

We’re in a hybrid phase. AI already speeds detection and response, and it’s also enhancing risk and vulnerability analysis. By identifying patterns humans might miss, it helps anticipate threats, though human oversight remains essential. 

What are today’s client expectations around AI-driven security, and what major shift should organizations prepare for next? 

AI is now expected to be a core component of cybersecurity offerings. Clients no longer ask if AI is used, but which AI capabilities are in place and how they deliver measurable value. There is also a growing understanding that AI is not a fully autonomous solution, but a powerful enabler that augments human expertise rather than replacing it. 

The next major shift will be the adoption of specialized, agent-based AI systems that collaborate across multiple security layers, from firewalls to endpoints. These interconnected agents will enable more dynamic, automated defense workflows. To fully benefit from this evolution, organizations must be ready to integrate, orchestrate, and govern these AI capabilities carefully, strengthening resilience without losing control.