Security teams have been losing time — and ground — to tool sprawl for years. The typical lean IT environment runs a fragmented stack: separate dashboards for email security, endpoint detection and response, cloud security, and threat intelligence, each requiring its own login, its own context, and its own learning curve. By the time a stretched IT professional has correlated data across three or four interfaces to understand whether an alert is a nuisance or a crisis, the window to act has often closed. For organizations without dedicated security operations centers, that lag is not just inefficient — it is a structural vulnerability.
The cybersecurity skills shortage compounds the problem. Finding qualified security professionals has never been harder, and as artificial intelligence accelerates both the volume and sophistication of threats, the gap between what lean IT teams can handle and what the threat landscape demands continues to widen. Managed service providers and managed security service providers face a mirror image of the same challenge: their analysts spend most of their time chasing low-level tickets and noise instead of delivering the high-value advisory work their clients actually need.
Platform consolidation has been one answer to tool sprawl, and AI-powered assistance layered on top of unified platforms has been another. But a new integration model — the Model Context Protocol (MCP), open-sourced by Anthropic — is emerging as a third and potentially transformative layer. MCP is not a security tool. It is a standardized communication layer that allows large language models like Claude, ChatGPT, and Gemini to query external data systems using natural language, without requiring users to understand APIs or write code. For lean IT teams, that distinction changes everything.
Coro, a cybersecurity platform purpose-built for lean IT environments, has launched an MCP server integration that connects its unified security platform — covering email security, endpoint protection, EDR, and cloud security — directly to the AI environments that lean IT teams are already using. The result is a conversational security workflow: an IT generalist, an MSP analyst, or even a non-technical employee can prompt a general-purpose AI client, pull correlated security data from Coro, enrich it with context from HR systems, threat intelligence platforms, or open-source feeds, and make faster, better-informed decisions — all without leaving the AI interface they are already working in.
This is not a vision for the future. Coro is operating as Customer Zero for its own MCP integration, validating the approach against its own internal lean IT environment before bringing it to market. The lessons learned from that internal deployment are shaping where the platform goes next.
The Guest: Benjamin “Ben” Morrell, VP of Security Strategy at Coro
Key Takeaways
- Coro’s MCP server integration connects its unified security platform to LLM clients like Claude, ChatGPT, and Gemini via natural language, eliminating the need for API expertise or dedicated integration engineers in lean IT environments.
- MCP and REST APIs are complementary, not competing: MCP serves real-time conversational investigation workflows; APIs remain better suited for bulk data operations like pushing 30 days of threat intelligence into a SIEM or MISP instance.
- Conversational security workflows enabled by MCP allow lean IT teams to correlate ticket data with HR records, query IP reputation against external feeds, and cross-reference against threat intelligence platforms — all through a single prompt interface.
- Coro’s Customer Zero model means its VP of Security Strategy is validating the platform against Coro’s own internal security operations, closing the gap between product development and real-world lean IT use cases.
- Sovereign cloud readiness and compliance reporting are active areas of expansion for Coro’s MCP integration, with government-aligned cloud environments in Singapore and Europe already under exploration.
***
In this exclusive interview with Swapnil Bhartiya at TFiR, Benjamin “Ben” Morrell, VP of Security Strategy at Coro, discusses the structural security challenges facing lean IT teams, the architectural difference between MCP and REST API integrations, how conversational security workflows function in practice, and how Coro’s platform and MCP server are positioned to serve regulated industries, sovereign cloud environments, and the growing ecosystem of managed service providers.
What Coro Does and Who It Serves
Coro was built specifically for lean IT environments — a category that encompasses small and medium-sized businesses, medium enterprise, and managed service providers who are responsible for securing multiple client environments simultaneously. The platform consolidates the core security tooling stack — email security, endpoint protection, EDR, cloud security, and more — into a single AI-powered platform. Ben Morrell explains the company’s foundational positioning and why the lean IT category is broader and more strategically significant than the traditional SMB label implies.
Q: Let’s talk about Coro and how you evolved with these changing times.
Ben Morrell: “Coro’s been focusing on looking after lean IT environments for a long time, usually referred to as SMB, SME and everything else in that space. Anyone who sort of doesn’t have the knowledge or time to deal with security. What that means is we’ve brought together a number of your common security tooling stack into a single platform which is AI-powered within itself and has its own assistance in there. We look after everything from email security, endpoint, EDR, cloud security and a whole bunch more after that. What this meant was, since we were looking after so much of this tooling for lean IT teams, we then found that a lot of these teams were taking this venture into their AI clients — the places that they were attempting to pull information together and better understand what was happening in their environments. And this is why we came to them with the MCP server type connection, which allows us to take all this data we are generating for them already and take it into the tool sets and locations that they’re trying to combine everything together and be faster and more efficient.”
Defining the Lean IT Environment
The lean IT label is frequently misread as synonymous with scrappy or under-resourced. Morrell pushes back on that framing, situating lean IT as a category defined by role breadth rather than organizational scale — and increasingly, as a deliberate strategic model as AI enables smaller, more efficient teams to accomplish what previously required larger headcounts. Managed service providers and MSSPs occupy a particularly important position within this category.
Q: How would you define a lean IT team? Because then we can also set the stage of bringing MCP to empower them.
Ben Morrell: “You have companies, for example, where the IT individual or individuals are wearing multiple hats and security happens to be one of them and is not entirely their forte, and they’ve got a lot of extra work to do. But what we’re also seeing — we’ve always had the skill shortage gap. It’s harder and harder to find skills in this space. And as everything grows, especially this big AI boom, it’s getting even harder still. So what we’re finding a lot of is AI and platforms and vendors trying to take a lot of that baseline lift and provide better outcomes that people can then make proper and informed decisions on. This also means that we find this lean IT environment within our partners — managed service providers and managed security service providers — who don’t lack it, but are instead pulling all of these different clients together and trying very quickly to give them the best value. And when they’re chasing all low-level tickets and a lot of noise, they’re not really providing the value they would hope to be providing to these companies that have outsourced to them. So this lean IT metric sort of fills all of those bottom gaps.”
What Is Broken in the Traditional Security Model for Lean IT
Tool sprawl, dashboard fatigue, and the expectation that non-specialist IT staff will develop deep expertise across a dozen security platforms have collectively created a structural breaking point. The emergence of AI-generated content, faster attack surfaces, and concepts like vibe hunting — where non-technical employees are increasingly empowered and expected to investigate and remediate issues themselves — is accelerating that breakdown.
Q: Can you walk us through what’s actually broken in that model for a lean IT team, and why that breaking point is happening right now?
Ben Morrell: “As we kind of built into this tool sprawl where we had all of these different tools all trying to do all their individual things, the lean IT felt that the heaviest because it was hard to swivel into all of these different tools, learn all of these tools to the nth degree, and work out: where should I be looking, who should I be speaking to, what system should I be operating in today in order to make that happen? There were a lot of ways to try and solve that, whether it’s bringing it all into a central location and hoping that that leverages enough of the information for someone to make informed decisions, or platforming it in order to do all of that on their behalf. AI has really given us an ability to definitely give them a lift, whether it’s in those situations where we’re bringing those tools individually together or going the platform route where those tools are already brought together and then AI can run on top of them. As you then said, we have all of these different individuals that are now targets and almost have domain over themselves as to what sort of security outcomes should be happening in their environments. It’s no longer putting your hand up and waiting for the ticket and spending an hour until someone comes around to you to say, oh, that’s malware, we’ll get that off your computer — it’s too gone at that point. So we have these human firewalls that need to be involved in security day to day. We have stretched IT teams, we have people that don’t really have the security knowledge for the threats that are happening now. And this is where we’re all trying to meet in the middle and go: how do we better improve this as an exercise for everybody involved?”
MCP vs. REST API: Why the Distinction Matters for Lean IT
The Model Context Protocol, open-sourced by Anthropic, has attracted significant attention but is frequently conflated with traditional API integration. Morrell draws a clear architectural distinction: REST APIs remain the domain of developers and integration engineers, while MCP is explicitly designed as a communication layer for LLMs — enabling Claude, ChatGPT, Gemini, and other AI clients to query external systems using the natural language that non-technical users are already prompting with. For lean IT teams who cannot afford dedicated integration engineers, that distinction is not academic — it determines whether conversational security workflows are accessible at all.
Q: What makes MCP fundamentally different, and why does that distinction matter, especially for lean IT teams who can’t afford to manage a complex integration layer?
Ben Morrell: “The obvious logical step there, as you sort of drew, was the old or still functional REST API methodology and this new MCP layer. Now fundamentally, they talk to the same business logic backend at the end of the day when it comes to us, for example, or any other system that you might be phoning to. But they serve different purposes. The MCP’s purpose is a layer that is designed specifically for your AI tooling, your LLMs, your Claudes, your ChatGPTs, your Geminis, to be able to speak to and understand what that data is when it comes back. More importantly, the leverage tools that the MCP provides to those clients should function with the natural language that someone is attempting to prompt through those clients. And this is where you start to get to that point where someone that perhaps doesn’t have the skill set or mindset to utilize a REST API, or potentially understand what they’re hunting for, can start to get to a point where they’re prompting an exercise in order to start working out: what does this mean, what action can I take, should I be taking that action, and can I take that action — all through tool sets that they’re utilizing day to day for other aspects of their business as well. So it becomes a more comfortable fit and a more easy exercise to be able to work out of a similar workspace in that regard.”
What a Conversational Security Workflow Actually Looks Like
Morrell walks through the practical mechanics of an MCP-driven security investigation, illustrating how connecting Coro’s platform to an LLM client — alongside other MCP-connected data sources like HR systems and threat intelligence platforms such as MISP — enables a lean IT team member to build a complete, contextual picture of a security event through natural language prompts alone.
Q: In practice, what does a conversational security workflow actually look like? How does MCP change the reality of logging into multiple interfaces just to piece together what’s happening?
Ben Morrell: “Firstly, yes, MCP is not security tooling — it’s a way to get into a lot of different data locations, but that can also be useful in a security context. The default sort of action is you could prompt our system to give you information on tickets or a specific ticket. That information will come back in a written format that is natural language, and you can then make a decision on it. That’s just interacting with us. The better version is once you can start bringing in other sources of information that you are also already communicating through — whether it’s other MCP systems that you’re connected to, other resources that are at your behest and availability, local resources that only you really have access to — that provides a greater and grander picture. You might, for example, pull in ticket information and it may be related to a specific user. With that information I have internally, based on what I know from my HR system — that the user is on vacation, for example — I can pull that information together and know that this ticket might be something of much more interest than just a standard something-has-happened, we-don’t-need-to-worry-about-it. If I get even more complicated, potentially with my security operations, I could be talking to an internal threat intelligence system such as a MISP server, which a lot of people like to run, which stores known threat entities and information about threats. I could take the data from the Coro ecosystem, compare it to the data I have in that MISP session — all through these prompts that I can follow through in the session — get better context, get better value, and understand: what does this mean to my company, to my network, to my systems? Is it just something that has occurred and we’ve dealt with it and everyone’s happy? Or is this a symptom of something that could potentially be larger based on external context factors that I can now bring together into this single interface that I can then prompt? Which makes everything a lot easier.”
How MCP Changes the Quality of Security Intelligence
Connecting Coro’s security data to a general-purpose LLM client does not merely replicate what was already available in the Coro portal — it changes the quality of the intelligence a lean IT team can act on by enabling real-time enrichment from external sources. Morrell illustrates the difference using the example of a brute force attack on a Salesforce environment, walking through how MCP-enabled enrichment collapses a workflow that would traditionally require manual swiveling across multiple tools and sources.
Q: When you bring Coro’s security data into an environment like Claude or ChatGPT or Gemini, how does that change the quality of intelligence that those teams are actually getting?
Ben Morrell: “The data that we should be providing should be the same, if not nearly exactly the same, data that you should be able to get out of our own interface or with a REST call if you really wanted to. It might be moved around slightly in the way it’s presented to you, especially in natural language processing back to you. But that ability to — let’s say — just go: the IP address for that potential brute force attack that occurred to Salesforce, can we query that against a Google search and just see if there’s anything out there that might be relevant to that IP? Is it attached to a known threat actor? Is it attached to an unknown attack method that might be occurring? Was there a news article from Bleeping Computer or Hacker News that might represent what this means to me, rather than just a single entity or perhaps a script kiddie probing my Salesforce environment? So being able to bring in this threat context data into this environment is what is generally done manually these days. You pull this information apart, you go and search your relative information, you swivel between chairs and interfaces in order to work out what this means in context — and does it mean more than what I’ve just been given as a baseline value of information? Being able to do that with an AI that’s able to do this at speed, at whim, and with access to all of these things promptly with prompts as well, should really be defining a much faster mechanism to getting there. But I think it also allows it to bring this complex methodology perhaps into the seat of the lean IT team and the lean IT team user who’s looking after it, to have a better understanding of: okay, now I can understand why I do this and why I want to do this and how to do it.”
MCP and the Tribal Knowledge Problem in Security
One of the most underappreciated risks in lean IT security environments is the concentration of institutional knowledge in individual people. When a key IT generalist changes jobs, that knowledge walks out the door. Morrell explains how an MCP-driven, AI-native approach helps convert personal expertise into organizational intelligence — and how Coro’s platform has been working toward this goal even before MCP entered the picture.
Q: How does an MCP-driven AI-native approach help erode that tribal knowledge problem, so that institutional security knowledge is not living in one person’s head?
Ben Morrell: “This is something we’ve tried to fix, or are still trying to fix, even without MCP. How can we automate a lot of this workflow? How can we better present back to users information — regardless of whether it’s through MCP or something else — as to what’s happened, why it happened, and what does it mean? Being able to then take it into MCP means that we can bring it to a level that they understand. They can prompt it, they can query it, they can bring this information back into the rest of their AI system and potentially teach and learn and evolve in that system as well. Reports can be created, data can be saved and stored. We could then, for example, if we go back to the threat intelligence exercise — if I brought this data in from Coro and it doesn’t exist in my threat intelligence, then I also want to push it into my threat intelligence. I want to make sure that everything is going the places where they need to go. Someone didn’t look at the data, didn’t find it in MISP, and went: okay, that’s nothing of use to me, and I move on and do what I need to do next. We need to start being much cleverer. We’re trying to bring all this together and it’s very difficult — difficult for a lean IT team who doesn’t have the time and most likely not the expertise either to do it the way that we have been doing it for many, many years now. That doesn’t mean the way we’re doing it is wrong. It just means that we can make this more easy for these teams to start to get on board and start to increase their security posture and feel like they’re playing with the big boys.”
Coro as Customer Zero: Internal Validation of the MCP Platform
Coro does not just build for lean IT teams — it operates as one. Morrell’s role as VP of Security Strategy encompasses both external security strategy and Coro’s own internal security operations, making him a direct user and validator of the platform he helps develop. This Customer Zero approach creates a feedback loop between real-world lean IT pain points and product direction that Morrell argues is more valuable than traditional customer discovery alone.
Q: You folks are operating as Customer Zero for this. Talk about what that has actually taught you about what lean IT teams need from AI-driven security.
Ben Morrell: “At the top of the conversation, you mentioned that I’m VP of Security Strategy. That’s not just external security strategy — it’s internal security strategy. What do we need to do? How are we operating with these tools? Are my teams that are managing our security, managing our team, getting the best out of what we have available and can build? And at the end of the day, as my CEO says: if I can’t make this product work for us, then how can I expect it to work for anybody else? At the end of the day, we’re selling for lean IT, we’re selling for small businesses, medium businesses, medium enterprise. We fit that criteria ourselves. So being able to see what works for us, being able to talk directly to my actual engineers, my security teams, everything above and beyond that, and go: is this helpful, is this useful, does this suck, should we be doing this a better way? And then being able to drive that into our actual product and deliver that to clients — while also being able to ask them at the same time: this is what we felt, does this resonate with you? Rather than just going to them and saying, what do you need? And they don’t know — they’re drowning, they would love just the world to be fixed. So being able to come to them instead and say: this is what we found, this is what we’ve done, these are the pains we felt, and this is how we fixed them — does that resonate with you? Is that something that is of value to you? And therefore is this the journey you want to take with us? Or have we missed the mark?”
Working With Partners, MSPs, and External Clients
Morrell’s role takes him across internal teams, direct enterprise clients, and the managed service provider and MSSP partner ecosystem that is a central channel for Coro’s platform. He reflects on the distinct dynamics of each relationship and why the partner conversation is particularly revealing about the structural pressures facing lean IT security at scale.
Q: Who do you prefer dealing with — internal customers or external customers?
Ben Morrell: “It depends on whether my internal customer has a C in front of their title. I love everyone in my business — the team internally is actually a lot of fun to deal with. But one of the things when dealing with lean IT is that a lot of these folks are open to talking about the problems they’re having because you’re here to try and provide them a solution. So I find it’s a very similar conversation — I’m just having it with less context of who’s who in the zoo and what that means, and what sort of things have gone right or wrong in the past for this business. But we can explore that as we speak to them. Beyond that, dealing with partners is absolutely fascinating in this space. The things that are hurting them, and therefore hurting their clients — how do we make life better for them and therefore for their clients as well? So across the board, I’ve always enjoyed speaking with and dealing with clients and partners, whether it’s this role or previous roles. So I think probably the external — the internal guys already know me. I think they get sick of me walking through the door because they know I’m going to beat them up with questions.”
Compliance, Sovereign Cloud, and Regulated Industries
As geopolitical pressures accelerate demand for sovereign AI and sovereign cloud infrastructure — particularly in Europe and the Asia-Pacific region — Coro’s platform model and MCP integration are being evaluated for deployment in government-aligned cloud environments. Morrell addresses the compliance use case, the sovereign cloud opportunity, and the tension between isolation requirements and security capability in regulated environments.
Q: What role does your MCP integration play in enabling compliance and sovereign cloud capabilities? There’s a common theme of isolation, compliance, security, privacy, and sovereignty.
Ben Morrell: “If you look at what we deliver as a platform, we can tick a lot of boxes for people when it comes to compliance exercises. For example, having these types of security metrics in place and what we can do with them, which means that for the lean IT team, it’s being able to tick those boxes and make sure they’re on — which the MCP can assist with, because you’re able to query: how are we going, what are we doing, can I produce a report, I’m about to be asked how we’re going, what my insurance wants to see — and we can sort of bring that together with prompts and combine it with the rest of the business. Rather than just taking a report from here and a report from here and a report from here. When it comes to the sovereign discussion, absolutely, we’re seeing that a lot. The beauty of being a platform is that we’re looking to see how we can best bundle ourselves up and appear where people need us to appear. In my own region, for example, Singapore has a very strong government-based cloud that they like to put this sort of material in. Similar things are happening in Europe. And we’re happy — just like the MCP server release — to go and meet our clients where they are. We’re exploring these opportunities. What clouds can we appear in? What’s required for us to operate in them? Do we lose any ability to protect people because we have to go into these isolated environments? Or are we gaining by being able to be more resilient and stronger and provide a much more direct, uninhibited service?”
Trust, Control, and Auditability: Addressing Skepticism About Piping Security Data Into General-Purpose AI
Not every lean IT team is ready to connect security data to a general-purpose LLM client, and Morrell does not argue that they should be. He outlines Coro’s approach to meeting teams at different points on the readiness spectrum — from teams using Coro’s own in-portal AI assistant to teams building full MCP-connected multi-source workflows — and the conversations Coro has with partners about data exposure, auditability, and intentional architecture before recommending an integration path.
Q: There may still be teams who are skeptical about piping security data into general-purpose AI tools. What is your answer on trust, control, and auditability?
Ben Morrell: “I’m not suggesting that everybody has to go this route. We will still always be building for the team that is unable to take the AI step. This is still also a step that might require them to do other things beyond just connecting to us for security data. If this isn’t going to do anything for your business except pull data into an AI agent — what’s it solving in that case? We’re still always building appropriate interfaces. Simplified messaging, our own AI assistance that runs inside the portal, for example, can help you meet that sort of middle ground of being able to pull that data into an AI that you can prompt without taking that data out to somewhere that you’re potentially not used to using, not ready to use, or are skeptical of using as well. So our goal is always to try and remove as much friction from whichever way people wish to use us. You do have to have some security metric when bringing data into another foreign platform. If you haven’t done the right exercises, by default you may just be exposing that data to internal systems at a minimum, but hopefully not external systems. So we always try and have conversations with our clients, especially our partners: what are you trying to solve, what’s the goal, have you thought this through, are you just doing this for the sake of doing it? We have lots of options for you. What works for you today may be something we can evolve to tomorrow — just start a journey with us and we’ll help you through that.”
Where API-First Approaches Fall Short, and How MCP, REST API, and Console Access Coexist
Morrell closes out the technical architecture discussion with a nuanced take on the relationship between MCP, REST APIs, and direct console access — arguing that these are not competing paradigms but complementary tools with distinct, well-defined use cases. He also previews the possibility of convergence between MCP and API-first approaches as the tooling landscape matures.
Q: Where does the traditional API-first approach fall short, and how do MCP, REST API, and console access coexist for lean IT teams?
Ben Morrell: “APIs are still very much the domain of people who know how to utilize them, run them, execute them. This is one of the reasons MCP exists for AI — so that we don’t have to build a dozen or 24 or 30 different plugins for each AI that exists out there. We can instead create a server that each AI uses via an open standard. The API methodology still has a lot of power, but it depends on what you want to do. If I wanted to take every piece of threat intelligence that Coro or any other security system has found for the last 30 days, I’m probably better off running some sort of API methodology to pull this data down and push it into my system that way, rather than attempting to run multiple prompts and costing potential token overhead to achieve that same goal. So they’re not really replacements. We may see some merging of both of them over the next months — possibly even faster, the way this stuff moves. But at the moment they exist for specific reasons, specific goals. And you’ve still got that third option — living within our system or the system that someone else has made available to you. Between all of those, there’s a ‘what works for you.’ It’s sometimes very commonly hybridized. You may be doing API calls to build dashboards or pump data into ServiceNow for ticketing and logging, while still prompting to understand how your security is going today and acting faster on it — while still having access to the console to run configurations, get reporting, and see what’s happening. All three can live in the same environment, and you may use one more than the other.”