Every box on the landscape is a concrete way AI augments security work. Not "AI for everything" — but a specific task where an ML or LLM approach removes manual toil while a human stays in the loop on the decisions that matter.
What makes a good AI × Security use case?
Six criteria, roughly in order of importance:
- Business Value — Time saved, scale gained, or quality improved. If the answer is "marginal", AI rarely pays off.
- Process Fit — The task is structured and repeatable, not a one-off judgement call.
- Data & Tech Readiness — The data the model needs is available, reasonably clean, and you can integrate the output back into your tooling.
- Operating Model Feasibility — Humans review the output where it matters. Hand-offs and accountability are clear.
- Risk Manageability — Errors are bounded, auditable, and reversible.
- AI Capability Fit — The kind of work matches what AI is good at: language, pattern recognition, summarisation, correlation.
Augmentation, not autonomy
AI in security is most useful as an automation layer that supports humans, not as an autonomous agent. The interesting questions — "should we ship?", "is this a real incident?", "do we accept this risk?" — stay with the people responsible for the answer.
Each topic on this map describes one such augmentation. The detail page tells you what it does, what factors to weigh before adopting it, and what other use cases it pairs with — either as a prerequisite, a parallel effort, or as the next step in a pipeline.
How to use the map: pick a use case that matches your team's current data maturity and business scope. Open it. Read what comes before and after. Build the pipeline that fits your context.