MSSPs are at an inflection point today as they try to integrate AI into their operations, according to
Tom Findling. They are deciding whether to build that capability in-house or buy it from third parties.
“Larger providers are trying to build AI capabilities in-house, but many realize it’s harder than expected, technically and operationally,” Findling, co-founder and CEO of early-stage startup
Conifers.ai, told MSSP Alert. “Embedding AI into the detection-and-response process, rather than layering it on top, takes a deep understanding of workflows, data, and outcomes.”
Conifers.ai is giving MSSPs a new choice – a program that makes it easier for those managing security operations centers (SOCs) and detection-and-response operations to adopt its agent AI-powered platform. AI agents are the latest step in the rapid and ongoing evolution of generative AI, small systems that can act autonomously to solve complex problems.
Where chatbots like
OpenAI’s ChatGPT,
Google’s Gemini, and
Microsoft’s Copilot are reactive and respond to user prompts; AI agents take a proactive approach. Once given a problem to solve, they can independently gather information, strategize or plan the necessary steps, adapt to changes, and even collaborate with other agents to achieve a desired outcome.
Adding AI Agents to the Mix
For SOCs, AI agents can bring a deeper level of understanding to what security teams are seeing, said Findling, whose background includes time with
Rapid7 and
VMware, and even the Israel Defense Forces.
“Instead of automating isolated tasks, AI Agents learn from each environment, evolve with changing threats, and enable analysts to make better, faster decisions,” he said. “This kind of AI doesn’t just handle alerts. It transforms them into context-rich stories, prioritizing real threats and recommending next steps.”
Most alerts aren’t actionable, leaving defenders to sift through them to determine what needs attention and what doesn’t.
“Agentic AI helps the SOCs shift their approach from reactive to proactive,” Findling said. “By reducing the noise and surfacing high-quality signals, agentic AI lets analysts do the work only humans can: applying experience, intuition, and judgment in high-stakes scenarios.”
AI for Better Operations and Defenses
A broad array of cybersecurity vendors are rushing to integrate more AI capabilities into their offerings to help organizations’ security teams and MSSPs and other services providers reduce complexity in their operations and better address AI-powered cyberattacks. Most recently, SOCRadar launched an
AI-based cybersecurity assistant, Cisco introduced
new innovations and partnerships to help companies adopt AI for security operations, and Google introduced its own
agentic AI SOCs.
Conifers.ai, which has offices in Tel Aviv, Israel, and Dallas, Texas, was founded last year. The company formally launched and announced a $25 million fundraising round from investment firms,
SYN Ventures and
Picus Capital in January this year.
MSSP Benefits
The program which was unveiled this week is a way to entice MSSPs to adopt the vendor’s Conifers.ai’s CognitiveSOC platform, which continuously ingests data from security events and runs investigations into each. For MSSPs, a key advantage is the platform’s ability to absorb client-specific knowledge and tech stack details to generate tailored investigations and dashboards that support targeted responses. The startup claims it can handle everything from basic Tier 1 alerts to complex Tier 3 incidents, cutting investigation time by up to 87%
For MSSPs operating SOCs and MDR services, the platform enables them to support more clients without increasing headcount—helping improve margins and stay competitive. Additional benefits include greater productivity and efficiency, reduced risk, demonstrable ROI, support for multi-tiered service offerings, predictable pricing models that expand profit margins, seamless integration with existing tools, and streamlined onboarding.
Fighting AI with AI
Also, by adding agentic AI capabilities to their operations, MSSPs can address the increasing complexities they face and
counter the use of AI by threat actors in a “fighting fire with fire” way, Findling said.
“Attackers have embraced AI to increase speed and scale, from generating realistic phishing emails to writing malware,” the CEO said. “Defenders simply can’t keep up with these threats using traditional approaches. Many MSSPs realize that piling on more tools and dashboards doesn’t drive better outcomes. It spreads the complexity around. AI can cut through that chaos by streamlining incident investigation and reducing the burden on analysts.”
This is where the build-vs.-buy question comes in, which raises related issues.
“MSSPs are also asking a bigger question: What is our role in an AI-powered security future?” he said. “The value proposition is shifting. It’s no longer just about staffing and alerts. It’s about delivering smarter, faster, and more contextualized outcomes for customers. Those who embrace AI – not as a bolt-on but as a force multiplier – are already differentiating. And for many, that means finding the right partners rather than trying to build everything from scratch.”
