Mythos may be the biggest cybersecurity AI announcement we’ve seen so far but is it actually a revolution for attackers, or just another overhyped AI moment? In this episode, Ahmed Achchak (CEO of Qevlar AI) sits down with cybersecurity consultant Dave McKenzie to break down what Mythos really changes for defenders, why most organizations are focusing on the wrong risks, and what SOC teams should prepare for now.

You’ll discover:

• Why Mythos is less about “AI hacking the world overnight” and more about accelerating targeted attacks.
• The hidden operational problem AI creates for SOCs: more signals, more vulnerabilities, and more difficult prioritization decisions.
• Why patching everything is no longer realistic and how mature teams should think about exposure instead.
• How AI can actually help defenders by connecting weak signals humans would normally miss.
• Why regulatory frameworks like PCI DSS may become unexpectedly painful in an AI-driven vulnerability landscape.

Agenda:

00:00 – Introduction: Is Mythos hype or a real shift for defenders?

02:16 – What Mythos actually changes in cybersecurity

06:11 – Why AI won’t “hack the world overnight”

09:22 – The SOC workflows most likely to break first

13:18 – How AI can help defenders connect weak signals

16:48 – Why patching everything no longer works

20:46 – The overlooked compliance and business risks

26:18 – Why prioritization becomes the key SOC capability

27:20 – Wrap-up: What defenders should focus on next

Follow Dave McKenzie on LinkedIn: https://www.linkedin.com/in/davewmckenzie/

Follow Ahmed Achchak on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/

Stay tuned for updates from Qevlar AI: https://www.linkedin.com/company/qevlar

Curious to learn how Qevlar AI can automate alert investigation and help your SOC scale against increasingly complex attacks?

Head to: www.qevlar.com

AI is making security operations faster but not necessarily smarter. In this episode, Ahmed Achchak (CEO & Co-founder of Qevlar AI) sits down with Raffael Marty, cybersecurity veteran and early pioneer of SIEM and security analytics, to unpack why SOCs still struggle to understand attacks and what’s been missing all along: a true intelligence layer.

You’ll discover:

→ Why 20+ years of SIEM and correlation technologies still leave analysts reconstructing attacks manually

→ What actually broke in the evolution from early context-rich systems to today’s event-driven detection models

→ Why adding “AI on top” of existing tools doesn’t fix the core problem

→ How to capture analyst decisions and unlock a new layer of institutional knowledge

→ What an intelligence layer really is and how it changes the way investigations happen

→ How shifting from alerts to risk and campaigns reshapes security operations

Agenda:

00:00 – Introduction: Why SOCs still can’t connect the dots

02:16 – What broke in SIEM and why correlation failed

04:23 – Why alerts are a flawed foundation

07:42 – From alerts to campaigns: a new way to investigate

10:57 – Turning analyst knowledge into an intelligence layer

15:08 – Why LLMs need structured context (and where they fail)

20:27 – Moving to risk-based, AI-driven SOC operations

24:49 – Fire Round: AI-ready SOCs, the end of tiers, and future skills

Follow Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/

Follow Raffael Marty on LinkedIn: https://www.linkedin.com/in/raffy/

Get more of Raffael’s insights on his blog: https://raffy.ch/blog/

Stay tuned for Qevlar AI updates: https://www.linkedin.com/company/qevlar

Curious to learn how Qevlar AI can help you build an intelligence layer that turns alerts into real understanding? Head to: qevlar.com

Security teams often try to improve their SOC by adding more tools. Mature organizations approach the problem differently: they design systems. The real leverage comes from architecture — how telemetry, detections, identities, and workflows fit together into a coherent operational platform.

In this episode, Ahmed Achchak (Co-founder & CEO of Qevlar AI) speaks with Demetrius Comes, VP of Security at Squarespace, about why the biggest operational gaps in security come from poorly designed systems rather than missing alerts. Drawing on his background in engineering and product development, Demetrius explains why SOCs benefit from thinking like architects, not just tool buyers.

You’ll discover:

→ Where the line is between a true SOC system and a stack of disconnected security tools.

→ How engineering thinking helps design more resilient and scalable security operations.

→ Why logging and telemetry decisions made early can create years of operational friction.

→ What a well-designed security data layer actually looks like in practice.

→ How to prevent your SOC architecture from slowly drifting into a patchwork of historical decisions.

Agenda

00:00 – Introduction: Why SOC performance is really an architecture problem

01:13 – The difference between a SOC system and a pile of tools

02:58 – How engineering thinking shapes security architecture decisions

03:18 – Deciding what to build, buy, or integrate in a modern security stack

05:18 – The rising challenge of non-human identities in modern systems

07:16 – Architectural mistakes that create years of SOC inefficiency

08:53 – Why missing or poorly designed logging breaks detection programs

10:20 – Designing a security data layer that can evolve with the product

11:13 – Operational readiness reviews and why security must be part of feature releases

12:23 – Preventing architecture drift with retrospectives and continuous improvement

13:30 – Fire Round

Follow Demetrius on LinkedIn: https://www.linkedin.com/in/demetriuscomes/

Follow Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/

Stay tuned for Qevlar AI updates: https://www.linkedin.com/company/qevlar/

Curious to learn how Qevlar AI can automate your alert investigation so your team can focus on the alerts that matter? Head to: qevlar.com