The cybersecurity company Rapid7 has taken a decisive step toward the future of Security Operations Centers (SOCs) by integrating agentic AI-based workflows into its next-generation SIEM and XDR platform. The aim is to radically transform how threats are investigated in the environments of its managed detection and response (MDR) service clients.
Through its AI engine, Rapid7 enables these workflows to autonomously perform essential investigative tasks with the same rigor as a human analyst, but at speeds characteristic of AI. This frees SOC experts to focus on deeper analysis, strategic decisions, and high-impact actions, while automated systems resolve repetitive tasks in seconds.
More speed, more scale, more transparency
The acceleration of the threat landscape driven by AI requires organizations to respond with the same agility. Customized campaigns that are difficult to detect and launched globally demand new solutions that combine precision with speed. In this context, Rapid7’s agentic AI workflows not only automate but also explain every decision, providing total traceability for every action taken by the AI.
According to the company, its system is already capable of closing benign alerts with 99.93% accuracy, which translates to saving more than 200 hours of work per week for security teams. This reduction in operational burden allows analysts to dedicate more time to critical tasks.
“AI is not just an operational enhancement, it is a catalyst for a new era of scale, speed, and strategic decision-making,” stated Laura Ellis, Vice President of AI and Data at Rapid7. “Our agentic AI workflows are not just automation: they represent the first steps toward intelligent, adaptive systems based on the accumulated knowledge of our analysts.”
Playbooks trained with real experience
One key to the success of these workflows is that they are trained with playbooks developed by Rapid7’s own analysts. Their effectiveness is not theoretical; it is based on direct experience with real incidents, continuously refined and adapted in production environments.
The direct benefits include:
- Scalable, high-quality investigations, even in environments with increasing volumes of alerts and AI-driven advanced threats.
- Greater control and visibility into the reasoning behind each automated decision.
- Better return on investment (ROI) by redirecting analyst time toward complex, strategic decisions.
A step toward human-centered AI
Jon Hencinski, Vice President of Detection and Response at Rapid7, emphasizes that the real value lies in enhancing the human decision-making moment: “With these workflows, we use AI to present the right information at the right time, helping analysts make quick and accurate decisions. We automate repetitive tasks, highlight relevant findings, and provide context to support responses.”
Moreover, the implementation has not been improvised. Craig Robinson, Vice President of Research at IDC, highlights the meticulous planning behind the deployment: “Success in integrating AI into cybersecurity platforms requires disciplined processes, from data classification to response orchestration. Rapid7 has applied a deliberate, transparent, and efficient strategy that is already generating tangible benefits.”
What is agentic AI?
Agentic AI represents an evolution beyond traditional automation. It does not merely execute predefined rules; it incorporates adaptive and contextual capabilities that allow it to simulate complex decision-making processes and explain why it took specific actions. In cybersecurity, this enables systems to detect, analyze, and respond to threats in a way reminiscent of a human analyst, but at a scale that a manual team cannot reach.
The future of SOCs is AI-driven
More than 11,000 organizations worldwide use Rapid7’s solutions, and the company is now giving new momentum to its XDR platform with this layer of intelligent automation. At a time when threats are growing in complexity and volume, and the shortage of cybersecurity talent is a persistent challenge, solutions like these mark a turning point in how the security operations centers of the future are built.
via: rapid7