Tech Explained: The AI startup cutting SOC investigations to 3 minutes just raised $30M — TFN in Simple Terms

SOC teams are overwhelmed by alerts. For example, Forrester says just three attack types can create thousands of alerts every day. Without extra staff, teams remain reactive and miss out on strategic work, such as threat hunting and improving security posture.

Qevlar AI’s autonomous SOC platform accelerates investigations through data enrichment, pattern detection, and reporting. It cuts investigation time from hours to just three minutes, a tenfold improvement, while covering all alerts around the clock.

Clients such as Mercedes-Benz, Sodexo, Orange Cyberdefense, ECI, and Atos use it to move from constant firefighting to tackling root causes.

The company recently raised $30M in a round co-led by Partech and Forgepoint Capital International, with EQT Ventures & Growth participating, to develop its platform into a fully AI SOC that measurably improves security postures.

Free SOCs from alert overload so they can focus on proactive defence

Founded in 2023 by CEO Ahmed Achchak and Hamza Sayah, Qevlar AI was born from firsthand pain. They saw SOCs measuring success by how many alerts they closed, not by how many risks they actually prevented. Analysts were stuck in a loop, while real threats slipped through the cracks. That’s what pushed the team to rethink security ops from the ground up.

Ahmed Achchak, co-founder and CEO of Qevlar AI, shares with TFN, “Qevlar was created to solve this structural problem by making alert investigation fully autonomous using AI. The vision is to remove the investigative burden from analysts entirely and allow security teams to move from reactive alert triage to proactive security operations.”

Qevlar’s AI platform handles everything from Level 1 investigations, such as enrichment and correlation, to Level 3 remediation insights on its own. It turns isolated alerts into unified intelligence from thousands of signals. The system learns from each case to reduce future alerts while maintaining quality and depth at scale.

“Qevlar builds an autonomous investigation platform for Security Operations Centres. The platform automatically investigates security alerts by correlating detection signals and telemetry across the entire security stack, including SIEMs, EDRs, identity systems, and threat intelligence sources. Its goal is to surface real incidents quickly while eliminating large volumes of false positives,” explains Achchak.

Qevlar stands out for true end-to-end autonomy beyond triage, root-cause analytics that reduce recurring alerts, and strong adoption by Fortune 500 companies and MSSPs.

Unlike broad SIEM providers like Splunk or Elastic, which require significant analyst input, Qevlar fully automates investigations. It goes beyond alert-focused startups like Torq or Vulcan Cyber by providing insights that improve security posture. This makes it a comprehensive AI SOC layer on top of existing tools.

What about diversity?

On diversity, Achchak comments, “Qevlar AI brings together people from more than 10 nationalities. The team also spans a wide range of professional experience, with over 40 years between the youngest and most experienced team members. This mix combines early-career talent with seasoned experts in AI, cybersecurity, and enterprise software.”

So, what’s next for Qevlar?

The $30M funding will speed up Qevlar’s plans by improving AI for predictive threat hunting, expanding Level 3 automated remediation, and strengthening integrations with MSSP systems worldwide. In the near term, they aim to expand geographically beyond their current customers, reach more enterprises in EMEA and APAC, and scale to handle ten times the alert volume.

Long term, Qevlar’s aiming to be the go-to intelligence layer for SOCs everywhere, turning every investigation into stronger, enterprise-wide security resilience.

Achchak concludes, “Qevlar aims to become a foundational layer of the SOC, enabling security teams to move from reactive alert-focused units toward proactive, intelligence-driven security operations.”