What's this about?
Hey 👋🏻, I'm James.
I work at Elastic, leading our product efforts in Generative AI for Security Analytics. Prior to Elastic, I spent my entire career being a part of, building, or running security operations teams of all shapes and sizes. I run other sites like ohmymalware.com, whichphish.com, log4shell.threatsearch.io and eqlplayground.io.
We've been building and shipping some incredible AI-powered features, and we’ve learned a lot in the process. But despite the Generative AI boom, this technology is still new to many in the security industry. Teams are constantly trying to figure out:
✅ What Generative AI can actually do (beyond the hype)
✅ How to use it effectively in day-to-day security operations
✅ Where it provides real value without adding noise
With so much AI content flooding everyone's feeds, it can be tough to cut through the noise. That’s where soctips.ai comes in. This blog is all about practical, real-world applications of Generative AI in security operations—not just theory, but actionable insights you can apply. While I’ll focus on Elastic tooling, I’ll also bring in other products and approaches where they make sense.
I’d love to hear your thoughts, questions, and feedback! Connect with me on LinkedIn or join the discussion in our community Slack workspace.