The MSSP vs. Enterprise Divide: How Autonomous AI Changes the SOC Service Model ft. Erik Bloch @illumio

Show Notes

In this episode, Ahmed Achchak (CEO & co-founder of Qevlar AI) sits down with Erik Bloch, VP of Security at illumio and former SOC leader at Salesforce and Atlassian, to explore how AI is blurring the traditional divide between MSSP and enterprise SOCs.

Erik breaks down why MSSPs operate like standardized, metric-driven service products, while enterprise SOCs remain bespoke, and how autonomous AI might flip the script.

You’ll discover:

→ Why AI fits naturally into MSSP workflows but struggles in enterprise SOCs (and what is needed to fix it for maximum results)

→ What MSSPs get right about process and measurement and what enterprises can learn from it

→ How autonomous agents could unlock deep personalization at scale for MSSPs

→ The people and process blockers holding back AI adoption in the enterprise

→ Why phishing is still every SOC’s biggest time sink and how AI can actually help

→ What vendors overhype about AI and what they should focus on instead

Agenda:

00:00 – Intro: How AI blurs the MSSP vs. enterprise SOC line

03:21 – Where AI fits today and where it fails

03:57 – MSSPs run on process; enterprises run on chaos

06:36 – Can autonomous AI personalize without breaking scale?

07:12 – Remove the haystack vs. hunt the needle

10:58 – What AI can offload to help SOC teams do real work

12:17 – Why phishing still dominates SOC workload

13:46 – Fire Round: One alert type to ban forever

18:47 – What MSSPs and enterprises should learn from each other

19:30 – The AI pitch vendors love that nobody actually needs

Follow Erik Bloch on LinkedIn:

https://www.linkedin.com/in/erikbloch/

Follow Ahmed on LinkedIn:

https://www.linkedin.com/in/ahmed-achchak-872554109/

Learn how Qevlar AI automates alert investigation so your analysts don’t burn out: www.qevlar.com