Dito Agentic SOC Preview

The Agentic SOC — 2026 Roundtable Series - Invitation Only

Your security analysts are drowning.
AI is the answer — and the risk.

An invitation-only roundtable series for senior security leaders exploring how agentic AI is reshaping the modern SOC — reducing toil, compressing response time, and introducing an entirely new category of risk: the AI your organization is already using without you.

Find your city Seats are limited. Events fill 4–6 weeks in advance.

The format

What this is — and what it isn't.

Every security leader in this room gets pitched every day. This is something different.

The Agentic SOC is a facilitated conversation for 12–15 senior security leaders. Half the room are Dito customers running Google Security Operations in production today. The other half are peers working through what a modern SOC actually needs to look like in 2026.

The goal isn't consensus. It's candor.

Peer-led, facilitated discussion

Moderated by Dito's senior security practice. The conversation belongs to the room, not the agenda.

M-Trends 2026 intelligence briefing

We open with data from the full Mandiant report — including findings not in the public executive edition.

A peer who's already running it in production

A security leader with an agentic SOC live today shares what the transition actually looked like from the inside — including what broke.

No vendor pitches

Products enter the room only when someone in the conversation asks. That's the rule, and we keep it.

No slides, no keynotes, no booths

This is a conversation. The agenda is designed to move, not to present at.

What we're exploring

What the Agentic SOC actually looks like in practice.

Not a vision slide. Not a pilot. A set of real capabilities that are reshaping how the most forward-thinking security teams operate — and a set of new risks they're navigating at the same time.

Each roundtable is built around the concrete: what's working, what isn't, and what your peers are getting wrong before they figure it out the hard way.

AI agents for Tier-1 SOC triage

Custom-built AI analysts that handle alert triage, initial investigation, and verdict rendering autonomously — returning your human analysts to the cases that actually need them.

MCP servers inside the security stack

Model Context Protocol integrations that connect AI agents directly to your SIEM, threat intel feeds, ticketing systems, and response playbooks — without rebuilding your architecture.

MTTR compression through agentic response

Orchestrated AI workflows that compress mean time to respond from hours to minutes by automating the investigation, enrichment, and containment steps that slow human-led response.

Analyst toil — and what eliminating it looks like

What happens to your team's capacity, culture, and retention when 60–70% of Tier-1 work is handled by AI? The answers are more complex — and more interesting — than the math suggests.

Shadow AI: the risk you're already governing badly

65% of enterprise employees are using AI tools their security teams didn't approve. Your analysts are too. This is a new attack surface, a new governance problem, and a conversation most security leaders are not having yet.

The questions we'll take into the room.

These aren't talking points — they're the questions that don't have clean answers yet. Which is exactly why this conversation is worth having.

01
"If an AI agent is handling Tier-1 triage autonomously, what does your analyst's job description look like in 18 months — and are you ready to have that conversation with your team?"
02
"Shadow AI is already inside your organization. Your analysts are using it too. What's your governance posture — and what happens when the tool your team is relying on becomes the attack vector?"
03
"What does it actually take to move from agentic AI proof-of-concept to a production SOC — and where are security teams genuinely getting stuck when they try?"

2026 Roundtable Series

Find your city.

Each event is capped at 15 attendees. Attendance is by invitation only — submit your request and we'll confirm fit within 48 hours.

Tampa

Florida
Limited seats
May 27, 2026
Private venue — Downtown
Breakfast roundtable · 8–11am
Request an invitation

Atlanta

Georgia
Seats available
Jun 11, 2026
Private venue — Midtown
Breakfast roundtable · 8–11am
Request an invitation

Dallas-Fort Worth

Texas
Seats available
Jun 17, 2026
Private venue
Breakfast roundtable · 8–11am
Request an invitation

Austin

Texas
Seats available
Jun 18, 2026
Private venue — Downtown
Breakfast roundtable · 8–11am
Request an invitation

Chicago

Illinois
Seats available
Jun 25, 2026
Private venue — River North
Breakfast roundtable · 8–11am
Request an invitation

New York City

New York
Seats available
Jul 14, 2026
Private venue — Midtown
Breakfast roundtable · 8–11am
Request an invitation

Washington D.C.

Dist. of Columbia
Seats available
Jul 16, 2026
Private venue — Northwest
Breakfast roundtable · 8–11am
Request an invitation

More cities coming

Additional markets planned for Q3–Q4 2026.

Who attends

This room is curated.

Attendance is by invitation only. Every request is reviewed to ensure the conversation runs at the right seniority and with the right mix of perspectives.

CISO / Chief Information Security Officer

Enterprise and mid-market security executives accountable for organizational risk, compliance posture, and security strategy.

VP of Security / VP of Information Security

Senior security leaders responsible for SOC operations, security architecture, and team development across the organization.

SOC Director / Head of Security Operations

Leaders running detection, triage, and response day-to-day — with direct visibility into where human analyst capacity ends and automation must begin.

Convened by
Dito
Premier Google Cloud Partner
Google Cloud
In partnership with
Mandiant
Intelligence partner