Conifers launches AI platform to unify SOC workflow

Conifers has launched an agentic artificial intelligence platform for security operations centres, designed to unify the full SOC workflow in a single system.

The launch comes as cyber security groups warn that artificial intelligence is accelerating the discovery and exploitation of software vulnerabilities, leaving defenders with less time to respond.

Based in Dallas and Tel Aviv, Conifers built the product on its CognitiveSOC platform for organisations trying to manage attacks that move faster than human-led processes. It combines threat intelligence, threat hunting, detection engineering, investigation and remediation in one platform.

Many SOCs still rely on separate tools and teams, slowing responses to new threats. Conifers says its model connects those functions in real time through what it calls an agentic fabric, with each stage of the workflow feeding into the next.

How it works

Conifers says the threat intelligence function continuously updates an organisation's threat landscape and highlights relevant adversary activity. Its threat hunting function runs around the clock across the customer environment, feeding findings into detection and investigation.

The detection engineering component writes, deploys and tunes detections based on intelligence, hunts, investigations and response outcomes. Investigation is designed to work across existing security tools, while remediation can carry out response actions within customer-defined limits rather than relying on fixed playbooks.

Each action taken by an agent is accompanied by a reasoning chain and evidence trail, according to Conifers. Customers set the scope and authority of those agents, with autonomy intended to expand over time as confidence grows, shifting operations from human oversight of individual steps to broader supervisory control.

Industry pressure

The product arrives as the cyber security industry grapples with the prospect that the same advances in AI available to defenders are also being used by attackers. Google's Threat Intelligence Group recently disclosed what it described as the first confirmed zero-day exploit developed with AI and used by criminal actors preparing a mass exploitation campaign.

The development has added to concerns among security leaders that the traditional SOC operating model is under strain. Teams often have to work across a patchwork of endpoint, identity, cloud, email and ticketing systems, creating delays in triage, investigation and remediation.

Conifers says its software sits on top of customers' existing security tools and supports more than 60 integrations across EDR, identity, cloud, email and IT service management platforms. Organisations do not need to replace their current stack, and the platform can be onboarded in two to four hours, it says.

Backers of the business include SYN Ventures, PICUS Capital and Washington Harbour Partners. Conifers sells its technology to enterprises and managed security service providers.

Tom Findling, chief executive and co-founder of Conifers, linked the launch to a wider shift in the threat landscape.

"Sophisticated frontier AI models are already in attackers' hands, enabling them to discover and weaponize vulnerabilities faster than ever before. At today's attack volume and speed, the traditional human-paced security operations model no longer works," Findling said.

He said defenders would need to cut response times sharply as AI-assisted attacks become more common.

"As we've seen with Anthropic's Claude Mythos Preview and others, a new wave of zero-day vulnerabilities is coming, and security teams no longer have weeks to adapt. Operations teams will need to respond in minutes. Every function within the SOC must become agentic and work together as one coordinated system to combat the threats security professionals now face. That's what we've built: a unified AI-driven SOC platform grounded in trust, transparency, and governance, because AI in the SOC cannot be a black box," Findling said.