My Twin Sons Subscribed to
1,900 YouTube Channels
For the last five years, my twin sons used my YouTube account. They're kids — they found channels they liked and subscribed to all of them. Gaming, Minecraft, random comedy, cooking videos, whatever caught their attention that week. I wasn't paying close attention. By the time I reclaimed the account, I had over 1,900 subscriptions.
When I made the decision to move seriously into cybersecurity, one of the first things I wanted to do was rebuild my information diet. I wanted to follow the right people — security researchers, cloud practitioners, people doing the work I'm trying to learn. Gerald Auger from Simply Cyber. Professor Messer. Chris Greer. Adam Marczak on Azure. But my feed was completely buried under years of my kids' subscriptions. I couldn't find anything relevant.
The obvious solution was to go through them one by one and unsubscribe. YouTube doesn't have a bulk unsubscribe feature. At one channel every 10 seconds, 1,900 channels would take over five hours of clicking. That wasn't happening.
So I built a tool instead.
The YouTube Subscription Cleaner connects to your YouTube account via OAuth, loads your full subscription list, uses AI to categorize channels by topic, and lets you bulk-unsubscribe from ones you no longer want. The goal: get from 1,900+ subscriptions down to the channels I actually care about — in an hour, not a weekend.
How the Tool Works
The architecture is straightforward: authenticate with Google OAuth, pull the full subscription list via the YouTube Data API, send each channel's name and description to an AI classifier, and bucket them into categories — Tech & Dev, Cybersecurity, News, Entertainment, Gaming, and so on. Then you review each bucket, mark channels as Keep or Remove, and generate a script that unsubscribes from everything in the Remove pile.
The first version worked. The AI correctly categorized most channels. I reviewed the buckets, marked the ones to remove, generated the unsubscribe script, pasted it into DevTools on YouTube, and hit run.
And then it broke everything.
I Broke It. Then Fixed It Manually.
The unsubscribe script ran too fast, hit YouTube's rate limits, errored out partway through, and left my subscription list in a half-processed state. Some channels were gone. Some weren't. I couldn't tell which ones had actually been removed and which had failed silently.
I stared at it for a while. I could debug the script, add rate limiting, rebuild the state tracking. Or I could just do it manually. I ended up doing it manually — going through the remaining subscriptions one by one and unsubscribing from everything I didn't want to keep. It took a few hours.
The honest version: The tool worked well enough to prove the concept but not well enough to trust with a bulk operation at scale without careful rate limiting. I learned more from breaking it than I would have from a clean first run. And the manual cleanup left me with a subscription list I actually know — about 60 channels, all intentional.
The CyberSoccer problem also surfaced during testing. A channel called CyberSoccer — a sports channel — got classified as cybersecurity because the AI was pattern-matching on the word "Cyber" without understanding context. That's a prompt engineering problem, not an AI problem. The fix is to send more context — channel description, recent video titles, subscriber count — not just the name. It's the kind of false positive that teaches you something about how classification actually works.
This Is Exactly What a SOC Analyst
Does Every Day
Somewhere around hour two of the manual cleanup, it hit me. What I was doing — loading a large volume of items, having AI classify them into categories, reviewing the classifications, and making triage decisions — is structurally identical to what a SOC analyst does with security alerts.
A SOC analyst at a defense contractor might start a shift with 500 alerts in the queue. Each one needs to be reviewed, classified, and acted on. Is this a phishing attempt? Lateral movement? A false positive? Ransomware behavior? The volume is the problem. No human can thoughtfully review 500 alerts in a shift. They skim. They miss things.
Input: 1,000+ YouTube subscriptions
AI does: Classifies by topic — Tech, News, Entertainment, Cybersecurity
Human does: Reviews categories, marks Keep or Remove
Output: Curated list, unsubscribe script
Input: SIEM log export — Splunk, Sentinel, Elastic
AI does: Classifies by threat type — Phishing, Ransomware, Lateral Movement, False Positive
Human does: Reviews categories, marks Escalate, Investigate, or Close
Output: Prioritized alert queue, triage report
The pattern is identical. Volume comes in. AI does a first pass. Human makes the judgment calls. The AI doesn't replace the analyst — it removes the noise so the analyst can focus on what actually matters.
That's AlertDesk.
What I'm Building Next
AlertDesk is a browser-based SOC triage tool. You upload a CSV export from any SIEM — Splunk, Microsoft Sentinel, Elastic, or even a manually formatted log file — and the tool runs AI classification on every alert, organizing them into threat categories with severity scoring.
For each alert the analyst can mark it as Escalate, Investigate, or Close. The tool tracks verdicts, generates a triage report, and exports findings — producing exactly the kind of documented evidence that CMMC assessors want to see for incident response and monitoring controls.
Why this matters for defense contractors: CMMC Level 2 requires continuous monitoring and incident response capability — but most small and mid-size defense subcontractors don't have a dedicated SOC. AlertDesk is designed for exactly that gap: giving a non-specialist the ability to systematically review security logs and produce documented triage decisions without needing a team of analysts.
The CyberSoccer problem matters here too. False positive classification in a SOC context isn't funny — it's how real threats get missed. AlertDesk uses channel name plus description plus recent behavior patterns to classify, and it's designed to be explicit about its confidence level. A low-confidence classification gets flagged for human review, not auto-closed.
The YouTube Cleaner Is Live Now
The YouTube Subscription Cleaner is live and working — rate limiting and all. If your subscription feed has become noise, it's worth running. Connect your account, let the AI sort your channels, review the categories, and clean house.
AlertDesk is an active prototype — upload a sample SIEM CSV and see how it classifies your alerts. If you work in security operations or are a defense contractor trying to get a handle on log monitoring, I'd love to hear how it fits your workflow.