Rethinking Security Operations in the Age of AI
- Crogl
- Jun 11
- 3 min read
“We didn’t wake up one morning and say, ‘Hey, this cybersecurity thing looks cute.’ This is all we know.”
That’s how Monzy Merza, Co-founder and CEO of Crogl, opens his conversation with Alan Shimel during a recent appearance on Techstrong TV. And it’s more than a sentiment - it’s the foundation of Crogl’s worldview.
Merza has spent decades working across the security spectrum—from national weapons labs to Splunk and Databricks. But before founding Crogl, he did something unusual for a startup CEO: he went back inside the system. “I worked for one of the largest banks in the world on their cybersecurity team,” Merza said. “I wanted to truly understand the day-to-day problems practitioners face. Not just from the outside looking in.”
What emerged from that experience wasn’t just a product, but rather, a mission: to make every security analyst as effective as an entire team.
Too Many Tools, Too Much Noise
As security operations become more complex, tools are becoming part of the problem. “We heard it again and again,” Merza shared. “There are too many tools, too many schemas, too many programming languages. And there’s too much expected of every practitioner.”
According to Merza, this is an unrealistic expectation. It’s all but impossible to be fluent in a dozen platforms, explain identity flows, debug email headers, and secure cloud infrastructure. “We don’t ask a cardiologist to also be a dentist and a baker. But in security, we expect a single human to cover it all.”
This cognitive overload isn’t just unfair. It’s unsustainable.
A View from the Inside: What Security Work Really Looks Like
At the heart of Crogl’s approach is a simple question: what is the actual work to be done? And for most SOC teams, it’s tickets - alerts that need to be triaged, analyzed, and resolved.
But solving tickets isn’t as simple as clicking “resolve.” It requires pulling data across different stores, chasing signals through fragmented logs, and interpreting context that isn’t always obvious. The kicker? That data is rarely normalized.
“I invite anyone to tell me their data is fully normalized,” Merza said. “It isn’t. Not even close. So why are we building tools that assume it is?”
Crogl’s answer is novel: don’t force normalization. Learn the data as it exists, just like an analyst does. “That’s why we treat this as a knowledge graph problem, not a normalization problem,” Merza explained. “Crogl doesn’t require schema mapping. It adapts to your environment and works with what’s there.”
AI Security Operations are an Amplifier, Not a Replacement
As AI continues to reshape every corner of the enterprise, cybersecurity is experiencing a new kind of pressure. Leaders talk about “AI replacing the analyst,” but Merza is quick to challenge that. “Anyone who says that has obviously never worked the job,” he stated.
Crogl’s vision of AI is different. It's a compound AI system that was not built to automate the analyst out of existence. It’s designed to amplify their intuition and accelerate their impact.
“We see our platform as a superhero suit,” said Merza. “It’s a tool that lets the practitioner operate with more power, more knowledge, and better reasoning without having to become a generalist across 17 platforms.”
The Inflection Point Is Here
The interview closed on a note of urgency and optimism. AI isn’t just a trend, it’s a transformation. “This isn’t just a tech industry inflection point,” Merza explained. “This is more like when the internet went commercial. It’s changing the way people work and live. Security teams have to scale alongside that.”
Merza noted that as business users grow more productive with AI, security teams must evolve in parallel. “If a user is now doing five times the work they were doing five years ago, the security team must protect five times the surface.”
Putting the Analyst Back at the Center
Security operations have never been more complex - or more critical. As threats continue to evolve and the pace of business accelerates, the pressure on security teams continues to mount. But as Monzy Merza made clear in this conversation, the solution isn’t replacing the analyst. It’s amplifying them.
The path forward lies in removing friction, not expertise. Analysts shouldn’t be buried under a dozen tools, forced to normalize inconsistent data, or expected to be experts in every domain. Crogl is built on the belief that the analyst is the core of the SOC. Security teams don’t need another dashboard, they need a force multiplier. By enabling them to move faster with clarity, context, and confidence, we’re not just modernizing operations—we’re putting people back in control of outcomes.