What is your general opinion on the GenAI-enabled security vendor solutions currently available on the market?

When there is so much market expectations on AI, every vendor company will make sure to align with it and have some AI powered stuff. The question is: Is this AI-feature really better or even really useful? Marketing glitter will be used here to make it appealing but sometimes, it brings no real additional value. However, when AI is applied on purpose, for specific usecases, it can really bring a lot of value to the product. A RAG strategy is something that is not so difficult to implement and that can really improve some user workflows. So forget about the "AI punchlines", just test security solutions based on your workflows and you'll see which ones work the best for you, whether it is AI-powered or not.

My approach to AI-powered solutions is quite pragmatic. I don’t invest in a solution merely because it's labeled as AI-powered. The critical aspect for me is to first identify the specific problem that needs solving and then evaluate how effectively the vendor's solution addresses that problem. It’s essential to avoid the trap of assuming that integrating AI will magically solve longstanding issues—often summarized as the "garbage in, garbage out" principle. However, I acknowledge that AI, particularly neural networks and large language models, holds potential for enhancing functionalities like noise reduction in data.