Today’s cybersecurity professionals are no strangers to complexity. However, recent events prove one thing: The stakes — and the data — have never been higher. In response, Cribl Inc. has partnered with Palo Alto Networks Inc. to provide robust extended security intelligence and automation management while streamlining the implementation of new technologies such as agentic AI, according to Myke Lyons (pictured), chief information security officer of Cribl.

Cribl’s Myke Lyons talks with theCUBE about XSIAM’s resurgence in the AI age.

“There are so many of our customers in that space, and it’s really along the theme of still being able to own and have your agency around where that data goes,” he said. “And in this case, going to Palo Alto made perfect sense because there are so many customers of ours that are wanting and adopting those technologies like [Cortex] XSIAM, [which is] very much in line with where we’re going.”

Lyons spoke with theCUBE’s Dave Vellante and John Furrier at the RSAC 2025 Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They explored a candid, in-the-trenches view of modern cybersecurity challenges, emerging artificial intelligence applications and the shifting landscape of data operations. (* Disclosure below.)

XSIAM’s return and the continued rise of agentic AI

Once a hot topic that cooled over time, XSIAM is now returning to relevance, thanks to real-world applications and an expanding AI ecosystem. Driven by market demand, Cribl has similarly abandoned its previously integration-agnostic approach. Many Cribl customers are already entrenched in the Palo Alto ecosystem, and the need to manage data ownership while maintaining flexibility in security infrastructure made the partnership a natural fit, according to Lyons.

“Cleaning the data in many ways is important,” he said. “Logs are written by developers who have very different points of view as they write these logs or build these logs within their applications. Most developers want verbosity; they want debug level. Security people don’t want that stuff. We want to be able to turn it on if we really have to, but generally, we don’t want it.”

As security data soars at a 28% compound annual growth rate, according to Lyons, organizations are being forced to confront a new reality: Faster, smarter and more scalable pipelines are no longer optional. Modern security operations rely heavily on multi-destination pipelines. As such, the ability to filter, route and manage data efficiently — without overloading platforms or burning budgets — is now foundational.

“The challenge is we have to get into use cases and how we’re going to leverage these things,” he said. “And every non-tech person who’s an investor or a finance person or [chief financial officer] is asking you to adopt more AI. Well, you can’t just adopt more AI — that doesn’t mean anything. I could have the Perplexity app on my phone, but it doesn’t mean I’m adopting it. I must be able to understand what I have.”

Beyond infrastructure, AI is transforming the workforce itself. The modern chief information security officer juggles multiple roles — sometimes three or four at once. Agentic AI, when thoughtfully deployed, becomes a tool for defense, executive function and communication, according to Lyons. Rather than replacing jobs, AI is augmenting them — a trend that’s especially meaningful for tier-1 analysts, who may find traditional responsibilities increasingly automated.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSAC 2025 Conference event:

(* Disclosure: Cribl Inc. sponsored this segment of theCUBE. Neither Cribl nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE