At RSAC Conference 2026, Stellar Cyber's Lisa Liu cuts through the AI noise to explain why human oversight is not a limitation of today's security operations platforms -- it is the design intent. From 83% analyst accuracy gains to plug-and-play MSSP deployments, this conversation covers what a mature, battle-tested AI-native SOC platform actually delivers.
At RSAC Conference 2026, the expo floor runs on one word: AI. But Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, has been watching the confusion this creates in real time. Visitors at the Stellar Cyber booth are asking the same question: does AI in cybersecurity mean a tool that fights AI-powered attackers, a tool that is AI-based, or something else entirely? Lisa Liu's take is direct -- if your messaging can't answer that question, the noise is winning.
Stellar Cyber has been building toward a human-augmented, autonomous SOC for years -- long before "agentic" became the conference password. The logic driving that mission is not about market positioning. It is about what happens when AI makes a mistake at scale. One error in judgment can echo a thousandfold. Human oversight is not a limitation on the platform -- it is the architecture. The goal is not to put a human on the sidelines as a safety check. The goal is to make every analyst perform at a higher level, so a junior analyst works at the capability of a senior analyst.
Lisa Liu draws on the Waymo analogy familiar to anyone walking the streets of San Francisco this week: autonomous vehicles went from having a safety driver present to running solo. But when a power outage knocked out every Waymo unit simultaneously, the city needed humans to step in immediately. The same principle applies to security operations. Agentic AI is changing the analyst's role -- replacing alert fatigue and log chasing with higher-order problem solving -- but human involvement in the process is not going away.
For SOC teams asking how to get there, Lisa Liu is clear: success is not a rip-and-replace project. Success is minimal personnel disruption and maximum operational efficiency -- repositioning existing tools to work smarter without exposing the organization to weeks of vulnerability during a rebuild. Stellar Cyber's platform integrates with existing SIEMs and tools, adds coverage across network, endpoint, identity, and cloud environments, and offers hundreds of pre-built integrations with more being added continuously. For managed security service providers serving clients across different industries and risk profiles, that kind of unified visibility is what makes the business model scale.
The outcomes are specific. One Stellar Cyber customer reported that analysts were 83% more accurate in their threat environment analysis. Lisa Liu frames that number carefully: analysts are not measured by what they catch -- they are measured by what they miss. Any meaningful improvement in accuracy is not just a business metric. It changes how people feel about their work.
This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight
GUEST
Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyber
https://www.linkedin.com/in/lisaaliu/
RESOURCES
Stellar Cyber: https://stellarcyber.ai
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Lisa Liu, Stellar Cyber, Sean Martin, RSAC Conference 2026, human-augmented SOC, autonomous SOC, AI-native security operations, Multi-Layer AI, MSSP security platform, SOC analyst efficiency, alert triage, agentic AI cybersecurity, brand spotlight, brand story, brand marketing, marketing podcast
The Human in the Loop Is Not Optional | A Brand Spotlight at RSAC Conference 2026 with Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber
[00:00:10] Sean Martin: Marco.
[00:00:11] Marco Ciappelli: You wanna start?
[00:00:12] Sean Martin: I wanna start. Do you know how I'm feeling?
[00:00:15] Marco Ciappelli: Are you feeling agentic?
[00:00:17] Sean Martin: It's hard not to feel agentic. Majestic, maybe. Majestic. I'm feeling, I'm feeling stellar.
[00:00:24] Marco Ciappelli: Oh,
[00:00:25] Sean Martin: did I did there.
[00:00:26] Marco Ciappelli: I see what you did there. You very good.
[00:00:28] Sean Martin: Stellar Cyber.
[00:00:29] Marco Ciappelli: You
[00:00:30] Sean Martin: know who else is? Stellar. Lisa from Stellar Cyber. How, how are you, Lisa?
[00:00:33] Marco Ciappelli: How
[00:00:33] Lisa Liu: I'm good. Thank you for having me.
[00:00:35] Sean Martin: Yeah, this is lovely. We're gonna have a fun chat here. Lots of stuff going on here. RSAC Conference. You've had a full day now of talking to customers and prospects and peers and colleagues, and lots of fun things. I'm sure you've heard. So we're gonna touch on some of those things. Maybe a brief word about your role at Stellar and maybe the elevator pitch for Stellar Cyber, so folks have that context as we have this conversation.
[00:01:05] Lisa Liu: Totally. I'm Lisa. I'm the Corporate Marketing and Communications Manager here at Stellar Cyber. We are a security operations platform that works mainly with managed security services providers and mid-level enterprises to streamline their security operations and provide them with AI-driven security solutions.
[00:01:25] Marco Ciappelli: Very good. Yeah. So I made the joke about feeling agentic. You go down in the expo area, everything is agentic.
[00:01:33] Lisa Liu: Totally.
[00:01:34] Marco Ciappelli: And you're right there. Yes. I know you guys do this, but what's the buzz around, like, uh...
[00:01:41] Lisa Liu: Well, I've been telling people, you know, you don't get on the floor at this conference this year if you're not saying AI. If you don't have it somewhere in your branding,
[00:01:49] Marco Ciappelli: that's a password.
[00:01:50] Lisa Liu: You're not getting a booth space. That's just the way the game is. And it was true last year. It's definitely true this year. But we've been saying human-augmented, autonomous SOC -- at RSAC Conference, for a couple years now. So this is not something we adopted just to be trendy or just to make sure that we're on the same playing field as everyone else. It's kind of the logic that's been driving our mission since the beginning. So you might've seen some baby carriages on the street. If you haven't, I encourage you to go look for them. They've got some San Francisco goodies in them. But our messaging is basically: because everyone's saying AI, it's hard to tell what that actually means. And a fun anecdote I got yesterday when working in the booth -- a lady came up to me and said, AI, AI, AI. Does it mean I'm getting a tool that helps me confront attackers using AI? Or does it mean that I'm getting an AI-based tool?
[00:02:50] Sean Martin: Or am I protecting my AI?
[00:02:51] Marco Ciappelli: Mm-hmm.
[00:02:52] Lisa Liu: And I was like, that's a very good question. The fact that you can't answer that from messaging is pretty indicative of all the noise that's out there.
[00:03:02] Sean Martin: Yeah. Absolutely. And so the human in the loop, obviously it's an important piece. We've had some conversations about how ready organizations are to let things kind of take over for them. Is your decision to have a human in the loop based on the readiness of the market to accept a fully autonomous SOC, or is it just the reality that the human needs to be there because AI is not ready to take over -- or is it both?
[00:03:35] Lisa Liu: I think it's kind of both. I think we prioritize the role of the human because there have been several empirical cases of AI making a mistake, and compared to a human making a mistake, that's got way bigger consequences because AI is just so much more prolific. One error in judgment can echo a thousandfold instead of just one or two cases. So oversight is not only crucial -- it's actually the only thing that'll protect your organization at the end of the day. And the goal isn't just to have a human on the sidelines checking in. The goal is to make your analysts even better than they are, so that a junior analyst is working at the level of a senior analyst and that everybody is leveling up with the addition of these tools rather than worrying about losing their jobs or not having one in the future.
[00:04:30] Sean Martin: Right?
[00:04:31] Lisa Liu: Yeah.
[00:04:31] Marco Ciappelli: You know, let's talk about what AI can and cannot do for real. I want to use the metaphor of all the Waymo cars we see out here. It's a huge San Francisco perk.
[00:04:47] Lisa Liu: Francisco perk. Yeah.
[00:04:48] Marco Ciappelli: Until last year there was still a guy next to it, and now they just go around. And maybe that's the expectation people have about generative AI -- that there will be a day I can let it go. That's not today.
[00:05:03] Lisa Liu: No. And I think, as a recent example, there was a power outage in San Francisco and all the Waymos lost function and there was a huge buildup -- and that's when you need humans to step in. And kind of sort out the situation. Make sure everything goes where it needs to be. Because otherwise things grind to a halt. If every car on the street decides to stop working, what do you do? So I don't think the human will ever be able to completely let go and be uninvolved in the process.
[00:05:40] Marco Ciappelli: So where are we right now? To what extent can agentic AI in cybersecurity work on its own?
[00:05:51] Lisa Liu: I think it has great potential to completely change the role of analysts. So rather than chasing manual alerts or dealing with this fatigue every day of encountering logs, analysts are instead incentivized to create new ways to approach problems. It's really not just a matter of the extent to which they're working, but rather a complete mindset change of how the analyst approaches their work.
[00:06:21] Marco Ciappelli: work.
[00:06:22] Lisa Liu: Exactly. Yes.
[00:06:24] Sean Martin: So how do SOC teams and SOC managers look at this differently now? I'm thinking in terms of what success looks like -- measuring success. Do they have to approach their program differently? Do they have to dismantle it and put it back together? How do teams say we're going to embark on an AI-enabled SOC? What does that look like? What does success look like?
[00:06:50] Lisa Liu: I think the goal is not to tear everything down and start all over again. That's hard. That's expensive. That's time consuming. The goal is to position your existing tools -- everything you've got, especially if you have a lean security team where every moment counts, every person counts -- the goal is just to reposition yourself and make your tools work as efficiently as possible without changing everything from the bottom up. So I think success looks like minimal personnel change, but increased efficiency, increased accuracy, and more confidence in the way your team works.
[00:07:28] Sean Martin: And how does Stellar Cyber help teams achieve that?
[00:07:33] Lisa Liu: So we're great for a lean, efficient security team because you get increased visibility, you get full context enrichment. You get everything from detection to response without buying a whole new portfolio of tools that you would need to train new analysts on, that you would need to hire new people for. The onboarding is extremely efficient, so we're able to adapt your team really quickly to a much more efficient way of operating. So it's a way to level up your security team without taking a complete break and taking everything apart, which of course leaves you vulnerable in the meantime. The idea of rebuilding completely might seem enticing, but what do you do in the meantime? That turnover leaves you with weeks of vulnerability.
[00:08:24] Sean Martin: And it's probably not even an option for small and medium businesses.
[00:08:27] Lisa Liu: Absolutely not. And every week there are stories of -- it doesn't matter what industry you're in or what size operation you're running -- you're vulnerable. There will be threats and bad actors out there.
[00:08:42] Marco Ciappelli: So we have spoken with you and the team for a few years now. I think you've been in the business of AI in the SOC way before it was cool --
[00:08:55] Lisa Liu: Exactly.
[00:08:56] Marco Ciappelli: way before you needed an AI password to get on the floor. How has it been changing -- the product -- how have you been adapting it to
[00:09:08] Sean Martin: any new innovations --
[00:09:09] Marco Ciappelli: to the new environment? What kind of innovation steps have you been doing lately?
[00:09:14] Lisa Liu: Yeah. We've been incorporating machine learning into our technology since the very beginning. That's also why we're calling ourselves mature, grown-up AI on the floor -- because this is battle tested. And we've just added multiple layers, hence Multi-Layer AI, which is our trademarked brand term. But we're adding new capabilities in terms of automatic triage, automatic phishing triage, just to further increase analyst efficiency and minimize mistakes. And our ability to give analysts a comprehensive and understandable case analysis from the very beginning has gotten much better -- changing the way that analysts operate. So we're really trying to enable the human and the human-augmented autonomous SOC, and not just add more tools to their stack.
[00:10:15] Marco Ciappelli: A tool that is AI but human-focused.
[00:10:18] Lisa Liu: Exactly.
[00:10:19] Sean Martin: Love it. What's some of the feedback from analysts who use the tool? What are they able to do now that they weren't able to do before?
[00:10:27] Lisa Liu: I think they're able to cast off a lot of the busy work that made their jobs not only tedious but also difficult in the past. So they're able to see an array of, say, five different alerts and know which one takes priority and how to respond to it -- instead of having to evaluate every single one manually, individually. Because at the end of the day, as attackers get more efficient, as there are more AI-enabled attackers, that becomes impossible. Evaluating manually or correlating by yourself across all these environments -- figuring out what takes priority -- eventually makes you less effective in dealing with the ones that matter. The feedback we've gotten is that offloading that burden from the analysts, and instead having this AI agent do that case summary and analysis for them, is a huge step forward. It's a game changer for the way they approach their job.
[00:11:30] Sean Martin: How about managed security service providers doing this across a large number of customers? Because that's another big group you serve. And the ability to do that without breaking the bank.
[00:11:47] Lisa Liu: Exactly.
[00:11:47] Sean Martin: So how do you help them cover many, many customers?
[00:11:52] Lisa Liu: That's actually one of the biggest advantages we have. Because a lot of our managed security service providers have clients of all different sizes, across all different industries -- and their needs are different, and their team capabilities are different. So a solution that's able to provide visibility into their network, into their endpoints, into identity, all these different facets -- it's essential. A functioning SIEM is no longer sufficient. It's no longer the best solution on the market. Any tool that's able to synthesize your visibility across all these different environments is perfect for a smaller team that doesn't have the budget or the capability to spend on hundreds of security analysts -- which is an unreasonable expectation for a lot of people.
[00:12:49] Sean Martin: Not sustainable either.
[00:12:50] Lisa Liu: No.
[00:12:50] Marco Ciappelli: So you said before that it's very easy to deploy -- you don't have to knock down whatever you have. Give an example of: if somebody is watching us right now and wants to start working with you, what's the process?
[00:13:07] Lisa Liu: Yeah. So we offer hundreds of integrations. If you have a functioning SIEM and a good relationship with the provider and it works -- but you've recently become aware that identity threats are something you're very worried about and you want extra coverage or additional visibility -- we can integrate your existing SIEM into the platform so you don't have to compromise your existing relationships or the tool that you've grown attached to. But instead you can get additional functionality across these other threat environments.
[00:13:42] Marco Ciappelli: Kind of plug and play.
[00:13:43] Lisa Liu: Exactly. So we offer hundreds of integrations. We're building out more all the time. And if there's one that's really important to you that we don't have, we'll build it out for you.
[00:13:52] Marco Ciappelli: Just ask.
[00:13:54] Lisa Liu: We'll figure it out. Yeah. It'll work out.
[00:13:57] Sean Martin: Yeah. As we wrap -- by the way, I want some Stellar Cyber sneakers. They're nice branded sneakers.
[00:14:04] Lisa Liu: Special RSAC Conference sneakers.
[00:14:06] Sean Martin: A scenario or two -- a use case or two -- of where customers achieved some outcome they weren't able to do before and maybe didn't even expect.
[00:14:21] Lisa Liu: Yeah. So we recently had a customer report that their analysts were 83% more accurate in their analysis of the threat environment -- which is not only a massive outcome difference, but it's also a morale booster. People feel more effective at their jobs. And people only know when you've messed up and missed something important -- not all the attacks you've stopped. So any increase in accuracy is a huge deal.
[00:14:52] Sean Martin: So yeah, there's a number, which is good.
[00:14:55] Lisa Liu: Yes.
[00:14:55] Sean Martin: And then there's the human element of it -- they're not being bashed for not knowing and not getting through as many alerts.
[00:15:05] Lisa Liu: Because at the end of the day, the only thing that matters as an analyst is not all the alerts you do catch -- it's the alerts you miss. So the sum total of your job is all the mistakes you've made, which is a very difficult thing to accept. And people only know when you've messed up and missed something important, not all the attacks you've stopped. So any increase in accuracy is a huge deal.
[00:15:38] Sean Martin: It's a stellar day. And it is a good day to connect with Lisa and the Stellar Cyber team. Try to connect with them on LinkedIn, on the website. Keep the human in the loop -- but give them the tools and the intelligence and the information to be 83% more effective and accurate in tackling alerts.
[00:16:11] Lisa Liu: We've recently redone our website, so hopefully you'll find it exciting. A new look.
[00:16:17] Sean Martin: All right, Lisa, thank you so much.
[00:16:20] Lisa Liu: Thank you so much for having me. This was lovely. Thank you.