
EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?
From Cloud Security Podcast by Google by Anton Chuvakin
April 9, 2026 · 27 min · Season 1 · Episode 271
About this episode
The episode discusses the potential of AI-native MDR to improve SOC workflows and the challenges faced by organizations with outdated SIEM systems.
Guests: Eric Foster , CEO, Tenex.AI Bashar Abouseido , President, Tenex.AI Topics: "10X SOC" sounds great. But for an organization stuck in "SIEM 1.0" with poor data quality and manual workflows, is "AI-native MDR" a "leapfrog" opportunity or a recipe for disaster? We've seen the rise of "Decoupled SIEM" and security data lakes. Does a "Modern SIEM" even need to exist if an MDR platform has an agentic layer doing the heavy lifting? You've argued for AI-native over AI-bolted-on. For an end user, what are the tangible differences of using "AI inside a legacy SIEM" versus using an "AI-native separate product"? What is the one task you thought AI would handle by now that still requires a senior human analyst to step in? If a CISO is using an AI MDR, "Mean Time to Detect" (MTTD) starts to look like a vanity metric because the machine is instant. What is the new golden metric for an AI-powered SOC? Is it "Time to Context," "Reduction in Human Toil," or something else? How do you help a skeptical SOC Manager—who has been burned by false positives for a decade—trust an autonomous agent to perform a "containment" action at 3:00 AM? Resources: EP227 AI-Native MDR: Betting on the Future of…
People in this episode
Host: Anton Chuvakin
Guests: Eric Foster, Bashar Abouseido
Topics covered
- AI-native MDR
- SOC workflows
- SIEM modernization
- security operations
- false positives
- autonomous agents
Keywords
- AI-native MDR
- SOC
- SIEM
- security operations
- false positives
- Mean Time to Detect
- Time to Context
- human toil
Mentioned in this episode
Organizations: Tenex.AI
Books & works: 10X SOC, Decoupled SIEM, Modern SIEM, AI-native MDR, AI inside a legacy SIEM, Time to Context, Reduction in Human Toil, Mean Time to Detect, Autonomic Security Operations: 10X Transformation of the Security Operations Center
More episodes of Cloud Security Podcast by Google
- EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality · May 4, 2026 · 20 min
- EP274 AI, Zero Trust and Secure by Design Walk into a Bar... · April 27, 2026 · 30 min
- EP273 From CISA to Cloud: AI Assurance, Concentration Risk, and the New Regulatory Frontier · April 20, 2026 · 29 min
- EP272 More Than Just Packets: Is NDR a "First-Class" Cloud Security Control? · April 13, 2026 · 34 min
- EP270 The Convenience Tax: Why We Keep Failing at Supply Chain Security · April 6, 2026 · 27 min
- EP269 Reflections on RSA 2026 - Beyond AI AI AI AI AI AI AI · March 30, 2026 · 33 min
Explore listener stats, chart rankings, contacts and more on the Cloud Security Podcast by Google podcast page.