The cybersecurity industry continues to struggle with rising threats exacerbated by agentic AI outpacing security teams and security operations centers (SOCs). Recent news about some of the latest advancements is only deepening the concerns.
These include
Anthropic’s Mythos Preview frontier AI model and its capabilities to not only detect hard-to-find vulnerabilities but also quickly generate exploits for them, including
Google’s report earlier this month that detailed a
zero-day exploit developed using AI by a group of threat actors planning a “mass vulnerability exploitation operation.”
Tom Findling, co-founder and CEO of cybersecurity startup
Conifers,
said in a statement that “sophisticated frontier AI models are already in attackers’ hands, enabling them to discover and weaponize vulnerabilities faster than ever before. At today’s attack volume and speed, the traditional human-paced security operations model no longer works.”
Conifers offers its AI-driven CognitiveSOC platform that enterprises and MSSPs can use to unify their security operations on a single fabric. This week, the vendor unveiled its agentic SOC tool, built atop CognitiveSOC and delivering a range of agents for threat intelligence to update users’ threat landscape, threat hunting, detection engineering based on intelligence and hunts, investigations across security tools, and autonomous remediation.
Keeping up with AI-driven threats
The new capabilities are important for both security SOC teams and MSSPs given the rapidly evolving trends driven by AI, Findling told MSSP Alert.
“First, the adversary has changed,” he said. “Frontier AI has compressed the time from vulnerability disclosure to weaponization from weeks to minutes. Attackers can now find, chain, and exploit weaknesses at machine speed. Human-speed defense cannot keep up.”
Findling added that “SOC economics are breaking. Alert volume keeps rising, analyst hiring is not keeping pace, and teams are still stitching together 10-plus tools with humans bridging the gaps.”
A challenge for MSSPs
There is a particular challenge for MSSPs, who have to address these issues across dozens to hundreds of clients, with the window from disclosure to exploitation collapsing from weeks to minutes with the introduction of the newest frontier models, which threat actors are also using.
“An MSSP protecting 300 customers has to assess and act across all of them in the time an enterprise has to handle one,” the CEO said. “Customers know this, and they’re asking providers directly whether they’re using AI to keep up. MSSPs with a credible answer will win renewals; those without one will fall behind.”
Conifers’ agentic SOC was built for MSSPs, Findling said, noting that it’s natively multi-tenant, only takes two to four hours to onboard a tenant, and works with the tools that services providers and their clients already run.
Personalized services at scale
It allows managed security services providers to personalize their service at scale, with each tenant getting threat intelligence, detections, hunts, and investigations tuned to their environment, investigations taking hours rather than days to complete, and the ability for every signal coming into the platform to improve every stage of the defense.
The unified fabric puts those tasks onto a single operating surface with shared memory, so a hunt will feed detection engineering while an investigation can improve detections and intelligence.
“That is the only viable defense against agentic adversaries, and it gives MSSPs a strong answer to customers asking how they’ll stay ahead,” Findling said. “The net effect: MSSPs can take on more clients, deliver better service per client, and protect margins without proportional headcount growth. Analysts move from executing every step to supervising outcomes, where their judgment creates the most value.”
Agentic SOCs hitting the market
Conifers’ agentic SOC fits in with most of the five
cybersecurity predictions for 2026 that Conifers executives outlined earlier this year, from agentic AI-based cyberattacks going operational to using AI to protect against AI-driven threats to industry-specific security agents becoming the norm.
That said, Conifers isn’t the first vendor to introduce an agentic SOC.
Andrew Braunberg, principal analyst with
Omdia,
wrote late last year that SOCs have been a staple of cybersecurity efforts since 2000 and that in recent years, the demand to contain costs has been a key driver behind ongoing SecOps innovation, from extended detection and response (XDR) to SOAR tools.
“Now, agentic AI represents the latest evolution in cost-effectively scaling security operations, with startups entering the market and established vendors rapidly integrating agentic capabilities through internal development or acquisition,” Braunberg wrote.
Differentiating from competitors
Findling said Conifers’ agentic SOC differs from other tools in the crowded space in several ways. In particular, it’s an end-to-end solution, not a point tool, the CEO said. While many AI SOC vendors automate a slice, such as Tier 1 triage or alert summarization, Conifers covers the full lifecycle, from threat intelligence to response.
“For an MSSP running across hundreds of tenants, half a solution does not just slow you down, it fails the business,” he said.
In addition, it’s built for MSSPs and their multi-tenant environments, it learns each tenant’s policies, policies, and institutional knowledge, and is governed and transparent, which means analysts and clients can see why each decision was made.
“The key is the combination,” Findling said. “Plenty of vendors have one or two of these pieces. Conifers is built around all five, because the agentic SOC only works when the whole operating model changes.”