Last year alone, Scent Journer sold over 8,000 of its hand-blended perfumes
For as long as she can remember, Joyce Lian has been fascinated by scents—not just how they smell, but why they smell the way they do.
That curiosity led her to enrol in Singapore Polytechnic’s perfumery and cosmetic science course in 2013, where she learned about raw materials, chemical structures, and the formulation of personal care products.
Her interest only deepened during a 10.5-month internship at global giant International Flavours & Fragrances, where she was posted to the fragrance department. With permission from the company, Joyce often stayed after work hours to experiment with small quantities of raw materials, creating her own fragrance formulations.
She painstakingly memorised the scent profile of each ingredient, building a personal knowledge base to train her sense of smell. At the time, she had committed 147 raw materials to memory.
Advertisement
Joyce’s passion for perfumery ultimately grew into Scent Journer, her own fragrance label selling thousands of products, including on Sephora’s online platform. We spoke with the 30-year-old who shared what it takes to build a perfume brand from scratch.
Navigating career detours
Joyce on her graduation from polytechnic./ Image Credit: Scent Journer
“To me, how I experience fragrance is very different from most people. I have trained myself to perceive and discern the different layers that lie in a perfume bottle,” Joyce shared while explaining her keen sense of smell that she has honed over the years.
After graduating from Singapore Polytechnic, Joyce went on to complete a Chemistry degree at the National University of Singapore (NUS) in an accelerated timeframe of just 2.5 years that ended in 2018.
The year after, she landed a job as a technical specialist at a cosmetics company, where she stayed for five months. While the role was stable, it was not what she had envisioned—her passion lay in fragrances.
But Singapore’s perfumery industry back then was small (and still is, at least according to Joyce), and opportunities were limited. Unlike her friends, she was also unable to go overseas to pursue fragrance roles due to familial constraints at the time.
Advertisement
Eventually, Joyce was not finding any joy in her cosmetics position. At the advice of one of her friends, she decided to try something entirely different: she joined OCBC in 2020 as a personal financial consultant.
But less than a year later, Joyce realised the role wasn’t her cup of tea either. She missed working in labs, formulating, and experimenting with different scents.
A colleague then suggested she start her own business and explore an entrepreneurship programme run by the National University of Singapore (NUS)—a suggestion that would ultimately change the course of her life.
Building Scent Journer from the ground up
In 2021, Joyce applied for the three-month Venture Building Programme at NUS together with her partner, Alex Lim, and her sister, Jacelyn Lian, where they built the stepping stones for Scent Journer.
Advertisement
Joyce, Alex, and Jacelyn pitching to mentors at the NUS Venture Building Programme./ Image Credit: Scent Journer
The programme taught the trio the foundations of entrepreneurship, from validating ideas to understanding customers. One requirement was to interview at least 100 potential users to assess market demand.
What Joyce and her team uncovered was telling. Many Singaporeans only wore perfume for special occasions as they viewed it as an expensive product, while others avoided it entirely because fragrances triggered headaches or nausea. As such, only a small minority wore perfume daily.
Identifying these pain points, Joyce wanted to create perfumes that could be “worn every day in the city-state and were less likely to cause headaches or nausea, while making the various scent notes more discernible,” Joyce explained.
“I want the name of Scent Journer to speak for itself, bringing our customers on a journey through scent, with the fragrance acting as an everyday companion.”
After pitching her idea, Scent Journer was awarded the Startup SG Founder Grant in two tranches, amounting to S$50,000. NUS contributed another S$10,000, and Joyce, Alex, and Jacelyn pooled an additional S$10,000, bringing the total startup budget to S$70,000. It was a tight budget, but enough to get the business off the ground.
Advertisement
The brand operated online for its first eight months after incorporation in Apr 2021. Then, an unexpected opportunity arose.
In Dec, after seeing Scent Journer’s advertisements online, the now-closed Japanese-inspired French pastry shop Flor Patisserie reached out to the brand and offered it a pop-up space at its outlet for a day, for just S$50 to give the latter a chance to interact physically with potential customers.
The pop-up exceeded expectations, recording an 80% conversion rate. For Joyce and her team, it was a pivotal moment that gave them the much-needed confidence that they were onto something concrete.
Inside the perfuming process
One of Scent Journer’s signature scents is Clouds In Heaven, available in a fragrance bottle or perfume sachet./ Image Credit: Scent Journer
Scent Journer launched with three fragrances and has since expanded to five, while also gradually offering other product formats like perfume sachets that can be hung in wardrobes, apart from hand sanitisers and scented candles.
On special occasions like their anniversary and Christmas, Joyce releases limited-time offerings—for example, the A New Veil fragrance with green tea notes, and the Spiced Winter Tea Candle. To celebrate Singapore’s birthday last year, the brand even came up with a kaya toast–scented candle.
Advertisement
Image Credit: Scent Journer
Each fragrance that is released by Scent Journer undergoes six months to a year of research and development, and every one is hand-blended by Joyce to ensure quality.
She starts with a sugarcane alcohol base, combining it with other ingredients distilled into liquid form—over 85% of which are naturally derived, with no harmful additives.
Most of what she works with are sustainable or upcycled ingredients, such as carrot seed essence, and the sugarcane alcohol she uses is gentler on the senses—though significantly more expensive.
“We use high-quality, perfumery-grade natural ethanol derived from sugarcane alcohol. Conversely, mainstream perfumes use synthetic alcohols, which are more likely to be denatured by the methanol inside them and may have a higher possibility of causing users to experience nausea and headaches, especially people who are more sensitive to alcohol,” Joyce explained.
Once done, each bottle is sealed and ready for sale.
Advertisement
Scaling its offline presence
Over the years, Scent Journer has scaled its offline presence significantly. In 2022, the brand entered consignment spaces with stockists after Tangs reached out, followed by Metro at Design Orchard.
Since Oct 2023, the brand has been available on KrisShop, and a year later, begun retailing on Sephora’s online platform.
One of Scent Journer’s pop-ups./ Image Credit: Scent Journer
The brand has always been a familiar face at various pop-ups, including Boutiques Fair, Singapore’s largest design-led shopping event, having attended six events and counting.
Scent Journer has also expanded beyond Singapore, partnering with a specialty fragrance retailer in Guangzhou, China, in 2023—a milestone for its overseas growth.
“Our move into the Chinese market has been significant; there is a rising demand for niche fragrances, particularly those with unique stories and creative scent compositions,” shared Joyce. “Chinese consumers are becoming more discerning, and our focus on high-quality ingredients and immersive olfactory storytelling resonates strongly with their changing tastes.”
Advertisement
That said, customers from other markets can also purchase products through the brand’s website, which ships internationally. Joyce recalled being surprised when customers from France willingly paid steep shipping fees just to get their hands on the brand’s products.
Collaborations have also played a key role in expanding Scent Journer’s reach. Joyce has crafted bespoke fragrances for brands such as homegrown distillery Compendium Spirits and cafe Nesuto, working closely with each to translate their brand identity into scent.
For Compendium Spirits, the distillery was looking for a fragrance to accompany its Rojak Gin, and so Joyce delivered it as both a room spray and hand wash.
“I understood that gin is nothing without juniper berries, and rojak is not one without the torched ginger lily flower. Hence, I developed a scent that turned Compendium’s Rojak Gin into a fragrance.”
The distillery also asked for an odour-neutralising solution to tackle the inevitable plumbing smells in its old Circular Road shophouse. Joyce’s team created a fragrance solvent that broke down the unpleasant odours while filling the space with Scent Journer’s signature scent.
Advertisement
Similarly, on a larger scale, Nesuto requested an autumn-like scent to be diffused throughout its cafe, so Joyce came up with a concoction of green tea, roasted chestnut and other ingredients that together reproduce a “warm ambience of autumn.”
The realities & rising costs of craftsmanship
Joyce’s products have been a hit—last year alone, she sold more than 8,000 bottles through retail and client projects.
Alex and Joyce at Design Orchard 2022 and Tangs pop-ups./ Image Credit: Scent Journer
Like any startup, Scent Journer has faced its fair share of challenges.
Joyce’s formulations are highly specific, and price fluctuations have a direct impact—after the pandemic, the cost of her sugarcane alcohol ingredient surged by about 70%.
Previously operating out of NUS BLOCK71, a startup incubation space, Joyce moved to her current lab in Tampines in Sep 2023, where operational costs became even more apparent.
Advertisement
Combined with distributor cuts, these factors left her little choice but to raise retail prices—a difficult but necessary decision to keep the business sustainable. Today, a 25ml bottle at Scent Journer costs S$128.
To manage costs, Joyce operates her lab and office on an appointment basis while running retail operations through consignment areas and pop-ups.
Currently, Scent Journer is undergoing a brand overhaul to rejuvenate the brand. Joyce’s advice to aspiring founders is simple but hard-earned: do what you love.
“Find a problem to solve rather than doing things that are trendy,” she said. “It’s hard to stand out and last, especially if you’re entering an already saturated market.”
Advertisement
She reflected on how many new fragrance brands gravitate towards familiar notes like pear and freesia—scents popularised by other popular brands and instantly recognisable. For Joyce, longevity lies not in imitation and chasing fleeting trends, but in carving out something quietly, unmistakably your own.
The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country’s Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks.
In a flash alert issued on Friday, the FBI says Telegram is being used as command-and-control (C2) infrastructure by malware targeting journalists criticizing the Iranian government, Iranian dissidents, and various other oppositional groups worldwide.
The bureau linked these attacks to the Iranian-linked and pro-Palestinian Handala hacktivist group (also known as Handala Hack Team, Hatef, Hamsa) and the Iranian state-sponsored Homeland Justice threat group tied to Iran’s Islamic Revolutionary Guard Corps (IRGC).
In these attacks, the Iranian hackers are using social engineering to infect targets’ devices with Windows malware that enables them to exfiltrate screenshots or files from compromised computers.
Advertisement
“Due to the elevated geopolitical climate of the Middle East and current conflict, the FBI is highlighting this MOIS cyber activity,” the bureau said.
“This malware resulted in intelligence collection, data leaks, and reputational harm against the targeted parties. The FBI is releasing this information to maximize awareness of malicious Iranian cyber activity and provide mitigation strategies to reduce the risk of compromise.”
Iranian malware attacks abusing Telegram (FBI)
This warning was published one day after the FBI seized four domains (handala-redwanted[.]to, handala-hack[.]to, justicehomeland[.]org, and karmabelow80[.]org).
The websites available via the seized clearnet domains were used by the Handala and Homeland Justice threat groups, and a third threat actor tracked as Karma Below, during their attacks and to leak sensitive documents and data stolen in cyberattacks targeting victims in the United States and around the world.
These actions follow Handala’s cyberattack on U.S. medical giant Stryker, in which they factory reset approximately 80,000 devices (including employees’ personal computers and mobile devices managed by the company) using the Microsoft Intune wipe command after compromising a Windows domain administrator account and creating a new Global Administrator account.
Advertisement
Last week, the FBI also warned that Russian intelligence-linked threat actors are targeting Signal and WhatsApp users in phishing campaigns that have already compromised thousands of accounts.
“The activity targets individuals of high intelligence value, such as current and former U.S. government officials, military personnel, political figures, and journalists,” said the FBI in a public service announcement issued after Dutch and French cybersecurity authorities described similar account-hijacking operations.
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
In what’s probably the culmination of Apple’s 50th anniversary celebrations, maybe we’ll get to see Tim Cook dance again at a large-scale party now being planned at Apple Park.
Apple Park is to host an elaborate 50th anniversary party
The anniversary celebrations were started by Tim Cook writing an open letter about Apple’s five decades, and since then events have followed in New York, China, South Korea, France, and Thailand. More are expected in the UK, Canada, and Australia, but probably the biggest one will be at Apple Park. According to Bloomberg, Apple is planning what’s described as “an elaborate 50th birthday party” at its Cupertino, California headquarters. There are no further details in the article, and not even confirmed dates, but there is supposition that John Ternus will be center stage as the most likely next CEO of the company. Continue Reading on AppleInsider | Discuss on our Forums
Xiaomi has been out of the laptop game for a few years, but the Book Pro 14 (2026) completely outperforms their previous offerings with cutting-edge technology that manages to deliver everyday comfort and a serious punch in an impressively small chassis, rivaling Apple’s MacBook Air.
The Book Pro 14 weighs a sleek 1.08kg and is only slightly thicker than 15mm, making it easy to sneak into your luggage without drawing notice. The entire design revolves around a single huge piece of die-cast magnesium alloy that acts as the main frame, which is then encased in a carbon fiber bottom panel and a titanium support beneath the keyboard. The idea behind all of this was to minimize weight while yet having a structure robust enough to withstand being bunged in a travel bag, and there are a variety of color possibilities, including blue, grey, pink, and white, which is a nice change from the usual bland neutrals.
SPEED OF LIGHTNESS — MacBook Air with the M4 chip lets you blaze through work and play. With Apple Intelligence,* up to 18 hours of battery life…
SUPERCHARGED BY M4 — The Apple M4 chip brings even more speed and fluidity to everything you do, like working between multiple apps, editing videos…
BUILT FOR APPLE INTELLIGENCE — Apple Intelligence is the personal intelligence system that helps you write, express yourself, and get things done…
The screen is 14.6 inches and features an OLED panel with a resolution of 3,120 x 2,080, which is refreshed 120 times per second. Oh, and it’s touch-sensitive and bright enough to see in almost any setting. Overall, it provides a really fluid experience whether you’re seeing documents or watching videos, and the colors appear accurate for creators.
Advertisement
Intel basically provides the CPUs, and there are a few solid options to select from, ranging from the Core Ultra 5 325 to the Core Ultra X7 358H, which has an incredible 16 cores. Meanwhile, the top models have 32GB of RAM and 1TB of storage, with an internal slot for adding another drive for a total of 4TB.
Power management is handled by a huge 10,000 square millimetre vapor chamber, which works in tandem with dual fans and three independent airflow channels to keep the whole thing nice and cool even when running solely on battery power. The battery has an amazing 72WH capacity, and estimations range from 19.8 hours of mixed use to 12 hours of uninterrupted video playback or over 16 hours of online meetings. It’s also easy to recharge; simply plug in a 100w charger and you’re ready to go.
When it comes to connectivity, we’ve got the essentials without the extras: a single standard USB-A connector adjacent to an HDMI port, two USB-C ports (one of which supports Thunderbolt), and a 3.5mm socket to meet all of your audio demands. The keyboard boasts 1.3mm of key travel and LEDs to help you work late at night or in low-light conditions. The touchpad is a reasonable size at 129 square cm and responds to pressure in a way that allows you to employ a few extra gestures for shortcuts and other purposes. To sweeten the deal, Xiaomi has included a few features that should make life easier, such as seamless file copying between devices and the ability to read documents on whatever tablet or phone you own without having to worry about it.
Prices in China start around 8,500 yuan, which equates to approximately $1,234 for the entry-level model with 24GB of memory and 1TB of storage. The higher-spec models with faster processors and more memory cost around 10,500 yuan. Sales began in China on March 21st, and if you were lucky, you might have gotten one of the early deals that were available.
Salesforce acquired Clockwise’s workers, but not the company itself
Clockwise customers advised to migrate to Reclaim
Agentforce annual recurring revenue up 169%
Clockwise CEO Matt Martin has announced via a LinkedIn post that Salesforce will be hiring the startup’s team as part of its broader Agentforce push.
Because Salesforce is acquiring the workers and not the company, Clockwise has confirmed it will be shutting down from March 27, 2026, leaving customers having to find an alternative.
Martin confirmed that all customer data would be deleted, meaning that Salesforce won’t have access to Clockwise’s database, and that unused subscriptions will be refunded.
Article continues below
Advertisement
Clockwise closes down as Salesforce acquires workers, not company
“We believe this move will allow us to have even greater impact,” Martin wrote, explaining the founding team’s success and experience. “We will be bringing our deep expertise building reliable, agentic software to the Agentic Enterprise.”
The 10-year-old company has served major customers, like Uber, Netflix and Atlassian, during its time in market, but now users are being directed to rival app Reclaim in light of the near-immediate shutdown. Reclaim will be matching Clockwise’s prices to make the transition less painful.
Advertisement
“They’re joining my charter to build Agent Interoperability and Orchestration within Agentforce,” Clockwise co-founder Gary Lerhaupt wrote in a separate LinkedIn post. Lerhaupt joined the Agentforce team as Product Architecture VP a little over a year ago after around eight years at Clockwise. Martin also spent over two years at Saleforce between 2014 and 2016 before departing to create Clockwise.
Although Salesforce has not commented on how the new recruits might drive Agentforce forward, we can at least expect immense growth. The Agentforce business grew 169% in terms of annual recurring revenue, now accounting for $800 million. Total company revenue for the most recent full year stood at $41.5 billion, up 10% year-over-year.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The team from Auger accepts the Startup of the Year trophy at the 2025 GeekWire Awards. (GeekWire File Photo / Dan DeLong)
Boot up the robot trophies, it’s time to vote for the finalists for the 2026 GeekWire Awards!
This is your chance to help us honor the top innovators and entrepreneurs in Pacific Northwest tech — from Startup of the Year to Next Tech Titan, from Young Entrepreneur of the Year to CEO of the Year, and much more.
With 50 finalists across 10 categories, the annual GeekWire Awards are a much-anticipated and hotly-contested affair, hosted live from the Showbox SoDo in Seattle on May 7.
Cast your ballot here or in the embedded form at the bottom. Voting runs through April 10.
The event will feature a VIP reception, sit-down dinner and fun entertainment mixed in. Tickets go fast, and a limited number of half-table and full-table sponsorships are available, so contact events@geekwire.com to reserve a spot for your team today.
Over the next few weeks, we’ll feature the finalists in special GeekWire editorial posts on each category.
Advertisement
Now in its 18th year, the GeekWire Awards is a premier event for the Seattle tech community, bringing together hundreds of geeks to celebrate innovation and the entrepreneurial spirit. Past winners have included Auth0, Tableau, Smartsheet, Rover, Remitly, Swype, Redfin, Zulily, The Black Boardroom Initiative, University of Washington computer scientist Ed Lazowska, Technology Access Foundation and many others.
(function(t,e,s,n){var o,a,c;t.SMCX=t.SMCX||[],e.getElementById(n)||(o=e.getElementsByTagName(s),a=o[o.length-1],c=e.createElement(s),c.type=”text/javascript”,c.async=!0,c.id=n,c.src=”https://widget.surveymonkey.com/collect/website/js/tRaiETqnLgj758hTBazgd5M58tggxeII7bOlSeQcq8A_2FgMSV6oauwlPEL4WBj_2Fnb.js”,a.parentNode.insertBefore(c,a))})(window,document,”script”,”smcx-sdk”); Create your own user feedback survey
GrapheneOS is doubling down on privacy at a time when most platforms are moving the other way. The security-focused Android alternative says it won’t require personal information from users, even as governments tighten identity and data collection rules.
In a recent public post, the team said the OS will remain usable without accounts or ID checks worldwide. That decision comes with a clear tradeoff. If local laws demand verification, access in those regions could disappear instead of the platform changing its approach
That puts GrapheneOS on a direct collision path with a broader push toward verified online services. While most companies adapt quietly to stay compliant, this project is choosing to stay outside that system entirely.
No ID means no compromise
The position itself isn’t new, but the clarity is. Access to GrapheneOS and its services won’t depend on signing up or proving your identity, regardless of where you are
Advertisement
GrapheneOS will remain usable by anyone around the world without requiring personal information, identification or an account. GrapheneOS and our services will remain available internationally. If GrapheneOS devices can’t be sold in a region due to their regulations, so be it.
Instead of tailoring rules for each market, the platform keeps a single global standard. If a government requires identity checks to distribute or use it, support in that region stops there.
That approach is rooted in how the OS is built. GrapheneOS strips out unnecessary data exposure wherever possible, including avoiding centralized accounts that can tie activity to a person. Adding identity requirements would break that model at a fundamental level.
Why this stance stands out
There’s a practical downside to that consistency. In regions where stricter rules take effect, users could lose access to GrapheneOS devices or updates tied to the platform
Advertisement
The limitations go further than availability. Hardware support is deliberately narrow, limited to devices that meet strict security requirements. Broader compatibility options are avoided because they weaken protections. Even setup reflects that thinking, with preloaded devices offered to reduce exposure to standard Android installs
YouTube
That tradeoff is hard to ignore. You get stronger privacy guarantees, but you give up flexibility in devices and access.
What happens next
GrapheneOS is still trying to grow without loosening its rules. A long-term partnership with Motorola aims to bring official support to more devices starting in 2027, which could improve availability without lowering its standards
Expansion will stay selective. Devices that don’t meet its requirements won’t be supported, even if that slows adoption.
The project’s funding model also plays a role. It runs entirely on donations, now enough to support a full-time team. That independence gives it room to hold this line while others bend under regulatory or commercial pressure.
Advertisement
If you’re thinking about switching, the value is straightforward. You get a mobile OS that avoids identity checks entirely, but depending on where you live, access could become harder to maintain over time.
Looking for the most recent regular Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.
Today’s Connections: Sports Edition is a tough one. Let’s hope you know a lot about a certain NBA player. If you’re struggling with today’s puzzle but still want to solve it, read on for hints and the answers.
Connections: Sports Edition is published by The Athletic, the subscription-based sports journalism site owned by The Times. It doesn’t appear in the NYT Games app, but it does in The Athletic’s own app. Or you can play it for free online.
Hints for today’s Connections: Sports Edition groups
Here are four hints for the groupings in today’s Connections: Sports Edition puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.
Yellow group hint: Somebody has to win!
Advertisement
Green group hint: Gridiron strategy.
Blue group hint: Certain bird.
Purple group hint: A hoops star.
Answers for today’s Connections: Sports Edition groups
Yellow group: Used to break a tie.
Advertisement
Green group: Offensive formations in football.
Blue group: Cardinals.
Purple group: Associated with Shai Gilgeous-Alexander.
One of the coolest things about old hi-fi hardware is that it often came with flickety needles that danced with the audio level. You can still buy these if you want, or you can simulate the same look on a screen, as [mircemk] demonstrates.
It isn’t [mircemk]’s first rodeo in this regard. An earlier project involved creating simulated VU meters on round displays, but they were somewhat limited. Using the Adafruit GFX library on an ESP32 netted a working setup, but it was jerky and very jagged and digital-looking. It was more akin to a fake needle display running on an 8-bit computer than something that looked like a real vintage VU meter.
[mircemk] didn’t give up and figured the ESP32 microcontroller and GC9A01 round display could surely deliver better results. The trick was to leverage the LVGL graphics library instead, along with the Squarelinestudio UI editor. The library was able to display far richer graphics that look like an actual vintage VU meter, even appearing glowing and backlit like the real thing. The moving needle animates far more smoothly as well, pulsing with the music in a way that feels far more realistic compared to the earlier attempt.
Advertisement
It’s nice to see this simple project revisited and so boldly improved just a year later. If you’re looking to implement real-looking gauges while retaining the flexibility of a small LCD screen, you might like to try the LVGL library for yourself. With that said, sometimes you just can’t beat the real analog gauges themselves. Video after the break.
AI agents are quickly becoming the cybersecurity industry’s favorite promise.
In theory, they can triage alerts, investigate incidents, and respond to threats – acting as force multipliers for overstretched SOC teams.
In practice, many security leaders are discovering that agents are failing.
Advertisement
Article continues below
Jamie Moles
Senior Technical Manager at ExtraHop.
Not because these agents are incapable, but because they lack the data and context to understand activity across the network and respond appropriately.
Autonomy is compelling, but without the right data, it’s less useful automation and more hopeful guesswork that is quietly creating a visibility gap at the heart of the agentic SOC.
Advertisement
The context problem
Most AI agents rely on the same fragmented telemetry stacks that analysts have struggled with for years. Endpoint logs in one tool, cloud signals in another, identity data elsewhere, and network traffic often underused or ignored. Each source tells part of the story, but none provide the full picture no matter what dashboard you favor.
When context is missing, agents struggle to reason about what’s normal and what’s malicious. False positives can multiply, investigations can stall, and automated responses can disrupt legitimate business activity.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Practical AI use cases illustrate both the promise and the challenge: agents can automatically isolate compromised endpoints after detecting unusual login patterns, or flag anomalous lateral movement that would take analysts hours to investigate manually.
Advertisement
Yet these same agents can misfire if the underlying telemetry is incomplete, triggering unnecessary quarantines or failing to detect stealthy sophisticated threats.
At its core, this isn’t a problem with the AI, but with the information available to it. AI can only act on what it knows. And in many SOCs, it simply doesn’t know enough.
Advertisement
Building a foundation for autonomy
Before organizations push further into automation, they need to address a more fundamental issue: the quality and completeness of their telemetry. Autonomous decision-making requires a constant stream of high-fidelity, trustworthy data – the kind that can be correlated across users, devices, applications, and workloads.
Many practitioners are returning to the foundational principle that the network remains one of the most reliable sources of truth in modern environments. While endpoints can be tampered with and logs siloed, network activity is unavoidable to attackers. It captures what actually happened – who talked to what, when, and how.
Modern environments demand even more context. Security teams also need visibility into identities behind actions and the behavior of cloud-native and Kubernetes workloads that now power critical business applications.
Advertisement
How context enables effective AI
When these layers – network, identity, and cloud – are unified, agents can operate with clarity. Instead of guessing, they can query rich telemetry directly, enrich alerts automatically, and make deterministic decisions about whether something truly represents risk.
In an effective agentic SOC, AI doesn’t replace analysts or blindly trigger responses. It does, though, handle the heavy lifting, correlating signals, surfacing the most relevant evidence, and resolving straightforward incidents so humans can focus on complex threats.
But this only works if the underlying data is complete, structured, and accessible. Put simply, better algorithms can’t compensate for poor visibility.
Advertisement
The path forward
As enterprises race to adopt AI-driven defenses, it’s tempting to treat agents as a shortcut to cybersecurity maturity. In reality, they amplify whatever foundation already exists – good or bad.
Organizations with strong telemetry and contextual insights see meaningful gains. Those without it simply automate their blind spots.
The future SOC will absolutely include AI agents. But autonomy needs to start with making sure the system has something trustworthy to see.
AI or not, in cybersecurity, your intelligence is only as powerful as the context behind it.
The AI company is facing strong competition from rivals such as Anthropic.
OpenAI is aiming to nearly double its headcount by the end of 2026, according to a Financial Times report.
The publication estimated that current staff numbers of 4,500 would reach around 8,000 by the end of the year, citing two people with direct knowledge of the matter, and added that the new roles would largely be across product development, engineering, research and sales.
Last month, Irish media reports suggested OpenAI was looking for a new, larger Dublin premises for its European headquarters, having established its Irish presence in 2023. Then, CEO Sam Altman said that the company chose Ireland because it “blends a talented workforce with support for innovation and responsible business growth”.
Advertisement
The company is currently hiring in cities in the US, Europe, Australia and Asia.
OpenAI is facing stiff competition in its field from rivals such as Anthropic, which recently announced the planned expansion of its Dublin operation and the creation of 200 new jobs by 2027 in engineering, sales, finance, legal and compliance, and operations.
As of November 2025, Anthropic had around 300,000 enterprise customers, while OpenAI had more than 1m, but recent data shows that Anthropic is now capturing more than 73pc of all spending among companies buying AI tools for the first time, while OpenAI is down to around 27pc.
In late February, a $110bn funding round brought OpenAI’s valuation to $730bn. The round featured major contributions from Amazon, Nvidia and SoftBank – the latter of which had its outlook lowered by S&P earlier this month due to a perceived over-reliance on heavy investment in OpenAI.
You must be logged in to post a comment Login