Tom Findling, CEO and co-founder of Conifers.ai, is a seasoned cybersecurity and threat intelligence leader with over a decade of experience. Tom specializes in building and delivering innovative solutions that empower organizations to stay ahead of evolving cyber threats. At Conifers.ai, his focus is on solving today’s complex SecOps challenges to deliver tangible, measurable value and help organizations achieve their cybersecurity goals.
In this Q&A, Tom discusses his path to Conifers.ai and how it is solving critical issues security operations teams are facing today.
Why did you start Conifers.ai?
After the acquisition of IntSights by Rapid7 and my time working within their Detection & Response practice, I saw firsthand the tremendous potential to apply AI and data science to significantly enhance the way SOCs operate. That experience inspired me to found Conifers.ai — with a mission to help SOC teams become both more effective and more efficient, ultimately contributing to a safer, more secure world.
Tell me about your solution.
The Conifers CognitiveSOC™ platform offers a range of key features designed to enhance the capabilities of security operations teams. Unlike existing SOAR solutions, it acts as a true force multiplier, enabling teams to handle complex incidents with unmatched speed and accuracy while seamlessly integrating with existing tools and processes. It continuously learns based on an organization’s knowledge, becoming even more effective with time. We also make it easy to implement the technology in a staged approach at an organization’s own pace, which is particularly helpful for large enterprises who are building trust in AI, and managed security service providers (MSSPs), who may want to onboard on a tenant-by-tenant basis. All of these capabilities, combined with our disruptive pricing model, provide demonstrable ROI with predictable costs.
What industry problem does it solve?
The cybersecurity market is at a tipping point. With cyberattacks at an all-time high, organizations can no longer afford to compromise between SOC effectiveness and efficiency. The stakes are simply too high. Conifers focuses on addressing the most challenging problems faced by SecOps teams. By combining advanced AI techniques with human oversight, we enable SOC teams to tackle complex issues at scale. Our use case-based approach supports Tier 1, Tier 2, and part of Tier 3 with deep contextual investigations, empowering teams to be more proactive, expand incident coverage, reduce resolution times, and focus on higher-value tasks. This approach enables organizations to address tactical and operational challenges with consistency and precision and achieve strategic results.
How is AI changing the threat landscape?
Attackers are now leveraging AI for sophisticated, scalable attacks including personalized phishing, evasive malware, and convincing social engineering. It lowers the barrier for less skilled actors. On the defense side, AI enhances threat detection by delivering better intelligence based on institutional knowledge and context, more actionable insights and higher-quality incident response resulting in faster mitigation.
How is the SOC changing?
The SOC has undergone a significant transformation in recent years, driven by the evolving threat landscape, technological advancements like AI, and the persistent cybersecurity skills gap. The modern SOC aims to be an intelligent, adaptive, and proactive defense center, leveraging technology to empower human analysts and effectively combat the ever-increasing volume and sophistication of cyber threats. For SecOps teams to be most successful, they need savvy solutions to better manage evolving environments to reduce risk.
Enterprises are sometimes slow to adopt AI. How does Conifers build trust with their customers?
Although becoming much more mainstream throughout organizations, one of the barriers to AI adoption in cybersecurity has been a lack of trust and confidence in the technology. We address this issue by giving control via staged implementation to the organizations using our platform. They can roll out the technology incrementally, at their own pace, verifying the platform’s results at each stage. This builds trust in the technology before fully integrating it into their SOC operations. This approach has been particularly effective for enterprises and service providers with large, complex operations that are wary of disruptive changes. This gradual transition ensures that customers can achieve the benefits of AI without the risks associated with large-scale adoption.
What do cybersecurity leaders need to prioritize for the next evolution of threats?
Cybersecurity leaders can no longer afford to compromise between SOC effectiveness and efficiency. They need more innovative tools to help them keep up with the modern threat landscape and be more proactive, expand incident coverage, reduce resolution times, and focus on higher-value tasks.
