SuperSOC: Conversations with the People Shaping the Future of Security Operations

From Playbooks to Agents: Rethinking Automation in the SOC with Filip Stojkovski

Qevlar AI Season 1 Episode 1

Share episode

Most “AI-powered” security tools are just brittle automation wearing a fancy badge. In this episode, Qevlar AI CEO Ahmed Achchak sits down with cybersecurity automation expert Filip Stojkovski to ask the hard questions:

Why are L1/L2 workflows still broken?
What separates true AI agents from glorified SOAR playbooks?
And how can you actually measure whether AI is making smart decisions or just moving faster?

They break down the limits of traditional automation, expose “AI SOC” vendor red flags, and map a real path toward autonomous, human-aligned security operations.


Agenda:

00:00 – Why L1/L2 workflows are broken

01:13 – Are we automating… or just duct-taping faster?

02:44 – AI SOAR vs. autonomous agents: what’s the real difference?

03:09 – When automation becomes a maintenance nightmare

04:46 – What humans still do better in the SOC

06:20 – AI ROI: why speed isn’t the right metric anymore

08:00 – Metrics successful SOCs measure

10:32 – How to spot fake “AI SOC” vendors

13:27 – Where to start if you want true autonomy

15:06 – Fire Round: The truth about AI in security


Follow Filip on LinkedIn: https://www.linkedin.com/in/filipstojkovski/


Filip's blog: 

https://www.cybersec-automation.com/


Follow Ahmed on LinkedIn:

https://www.linkedin.com/in/ahmed-achchak-872554109/


Stay tuned for Qevlar AI updates:

https://www.linkedin.com/company/qevlar/


Curious to learn how Qevlar AI can automate your alert investigation so your team can focus on the alerts that matter?

Head to: https://www.qevlar.com/