Adding AI Agents to the Mix
For SOCs, AI agents can bring a deeper level of understanding to what security teams are seeing, said Findling, whose background includes time with Rapid7 and VMware, and even the Israel Defense Forces.“Instead of automating isolated tasks, AI Agents learn from each environment, evolve with changing threats, and enable analysts to make better, faster decisions,” he said. “This kind of AI doesn’t just handle alerts. It transforms them into context-rich stories, prioritizing real threats and recommending next steps.”Most alerts aren’t actionable, leaving defenders to sift through them to determine what needs attention and what doesn’t.“Agentic AI helps the SOCs shift their approach from reactive to proactive,” Findling said. “By reducing the noise and surfacing high-quality signals, agentic AI lets analysts do the work only humans can: applying experience, intuition, and judgment in high-stakes scenarios.”
AI for Better Operations and Defenses
A broad array of cybersecurity vendors are rushing to integrate more AI capabilities into their offerings to help organizations’ security teams and MSSPs and other services providers reduce complexity in their operations and better address AI-powered cyberattacks. Most recently, SOCRadar launched an AI-based cybersecurity assistant, Cisco introduced new innovations and partnerships to help companies adopt AI for security operations, and Google introduced its own agentic AI SOCs.Conifers.ai, which has offices in Tel Aviv, Israel, and Dallas, Texas, was founded last year. The company formally launched and announced a $25 million fundraising round from investment firms, SYN Ventures and Picus Capital in January this year.
MSSP Benefits
The program which was unveiled this week is a way to entice MSSPs to adopt the vendor’s Conifers.ai’s CognitiveSOC platform, which continuously ingests data from security events and runs investigations into each. For MSSPs, a key advantage is the platform’s ability to absorb client-specific knowledge and tech stack details to generate tailored investigations and dashboards that support targeted responses. The startup claims it can handle everything from basic Tier 1 alerts to complex Tier 3 incidents, cutting investigation time by up to 87%For MSSPs operating SOCs and MDR services, the platform enables them to support more clients without increasing headcount—helping improve margins and stay competitive. Additional benefits include greater productivity and efficiency, reduced risk, demonstrable ROI, support for multi-tiered service offerings, predictable pricing models that expand profit margins, seamless integration with existing tools, and streamlined onboarding.
Fighting AI with AI
Also, by adding agentic AI capabilities to their operations, MSSPs can address the increasing complexities they face and counter the use of AI by threat actors in a “fighting fire with fire” way, Findling said.“Attackers have embraced AI to increase speed and scale, from generating realistic phishing emails to writing malware,” the CEO said. “Defenders simply can’t keep up with these threats using traditional approaches. Many MSSPs realize that piling on more tools and dashboards doesn’t drive better outcomes. It spreads the complexity around. AI can cut through that chaos by streamlining incident investigation and reducing the burden on analysts.”This is where the build-vs.-buy question comes in, which raises related issues.“MSSPs are also asking a bigger question: What is our role in an AI-powered security future?” he said. “The value proposition is shifting. It’s no longer just about staffing and alerts. It’s about delivering smarter, faster, and more contextualized outcomes for customers. Those who embrace AI – not as a bolt-on but as a force multiplier – are already differentiating. And for many, that means finding the right partners rather than trying to build everything from scratch.”
link