EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?

EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?

From Cloud Security Podcast by Google by Anton Chuvakin

April 9, 2026 · 27 min · Season 1 · Episode 271

About this episode

The episode discusses the potential of AI-native MDR to improve SOC workflows and the challenges faced by organizations with outdated SIEM systems.

Guests: Eric Foster , CEO, Tenex.AI Bashar Abouseido , President, Tenex.AI Topics: "10X SOC" sounds great. But for an organization stuck in "SIEM 1.0" with poor data quality and manual workflows, is "AI-native MDR" a "leapfrog" opportunity or a recipe for disaster? We've seen the rise of "Decoupled SIEM" and security data lakes. Does a "Modern SIEM" even need to exist if an MDR platform has an agentic layer doing the heavy lifting? You've argued for AI-native over AI-bolted-on. For an end user, what are the tangible differences of using "AI inside a legacy SIEM" versus using an "AI-native separate product"? What is the one task you thought AI would handle by now that still requires a senior human analyst to step in? If a CISO is using an AI MDR, "Mean Time to Detect" (MTTD) starts to look like a vanity metric because the machine is instant. What is the new golden metric for an AI-powered SOC? Is it "Time to Context," "Reduction in Human Toil," or something else? How do you help a skeptical SOC Manager—who has been burned by false positives for a decade—trust an autonomous agent to perform a "containment" action at 3:00 AM? Resources: EP227 AI-Native MDR: Betting on the Future of…

People in this episode

Host: Anton Chuvakin

Guests: Eric Foster, Bashar Abouseido

Topics covered

  • AI-native MDR
  • SOC workflows
  • SIEM modernization
  • security operations
  • false positives
  • autonomous agents

Keywords

  • AI-native MDR
  • SOC
  • SIEM
  • security operations
  • false positives
  • Mean Time to Detect
  • Time to Context
  • human toil

Mentioned in this episode

Organizations: Tenex.AI

Books & works: 10X SOC, Decoupled SIEM, Modern SIEM, AI-native MDR, AI inside a legacy SIEM, Time to Context, Reduction in Human Toil, Mean Time to Detect, Autonomic Security Operations: 10X Transformation of the Security Operations Center

More episodes of Cloud Security Podcast by Google

Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.