AI network troubleshooting demos: C2 detection, Linux compromise analysis, VPC flow logs. SecDSM Dec 2025 talk materials + prompts.

skyefugate/2025-12-SecDSM-AI-Talk


My Network Has Commitment Issues: AI Debugged Its Feelings

SecDSM Talk - December 2025

Networks promise reliability but ghost you at 3 AM. I got tired of reading logs, so I taught AI to be my troubleshooting partner.

This repo has everything from the talk.

What's Here

Slides (PDF) — The full deck. Network therapy jokes included.

Demos — All four live demos, uncut:

  1. C2 Detection Demo — AI finds beaconing behavior in a 1.6GB PCAP. DNS tunneling, C2 server, the works.

  2. Linux Compromise Demo — That Raspberry Pi that "just needs a reboot"? Yeah, it was owned. AI caught it.

  3. VPC Finding Demo — Security asks "What's this IP doing?" AI maps the entire VPC flow in 2 minutes.

  4. VPC Flow Log Analysis — 100,000 lines of flow logs. Planted exploits. AI finds them all and writes the incident report.

Full Playlist — All demos in one place.

AI Personas

The actual prompts I used in the demos:

These are the real 150+ line prompts with detailed instructions, context, and formatting rules.

The Point

You don't have time to read all the data your network generates. SNMP, syslog, NetFlow, VPC flow logs, packet captures — it's screaming at you faster than you can process it.

AI reads faster than you, never gets bored, and spots anomalies while you're still booting your laptop.

It's not a replacement. It's a partner.

Memes

Because network troubleshooting needs more humor:

You are the log parser
Congratulations. You're the most expensive log parser in the building.

What's this IP doing?
Every network engineer has gotten this message. Usually at 4 PM on a Friday.

Want More?

I wrote a full blog post about this with the practical how-to guide, real examples, and lessons learned (including the time AI rm -rf'd my data directory).

Questions?

Hit me up. I'm happy to talk about AI, networking, or how to secure your Raspberry Pi.

Oh, and remember: Be polite to AI. You never know what's coming.

License

This work is licensed under CC BY 4.0. Use it, remix it, share it — just give credit and link back to skye.fugate.dev.
