AI Agents vs. AI Agents: The Future of Security Operations | Interview with Monzy Merza
In this Secure and Simple Podcast episode, host Dejan Kosutic from Advisera interviews Monzy Merza, co-founder and CEO of Crogl, about how cybersecurity is shifting to an “agent versus agent” world where attackers task AI agents to run fast, low-cost, sophisticated campaigns without human approvals. Merza outlines core security operations activities—preparation/tooling, alert investigation, and response—and explains how AI is changing each, including AI SOC agents that automatically connect to multiple data sources, enrich alerts, run MITRE kill chain analysis, and produce investigation reports, as well as AI-driven response actions and documentation. They discuss when humans must remain in the loop for high-impact decisions, how organizations build trust through phased adoption with measurable use cases, why roles may shift from analysts to more security engineers, and governance needs like flexible integrations, model choice, and transparency in AI security tools.
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining
- Crogl company https://crogl.com/
- 2026 State of SecOps Report https://www.crogl.com/newsroom/state-of-secops-ai
Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining
- Crogl company https://crogl.com/
- 2026 State of SecOps Report https://www.crogl.com/newsroom/state-of-secops-ai
- (00:00) - Interview with Monzy Merza
- (00:58) - Agent vs Agent Threats
- (03:22) - Three Phases of SecOps
- (05:53) - AI SOC Investigation Example
- (08:41) - Autonomy vs Human in the Loop
- (12:48) - Human Only Decisions
- (16:43) - Building Trust and Maturity
- (19:07) - Future Security Roles
- (24:24) - AI Change Wave
- (27:08) - Testing AI Maturity
- (29:25) - Governance Framework Gap
- (31:15) - Policy Meets Hallucinations
- (34:50) - Business Alignment Example
- (37:14) - Governance Requirements
- (41:57) - SOC Roles Reshaped
- (47:26) - Resources for Consultants and Cybersecurity Professionals
Creators and Guests
