Intezer has expanded capabilities in its AI SOC platform designed for teams who have outgrown their traditional managed detection and response (MDR) services. Internal SOC teams can now focus on supervising outcomes rather than grinding through alerts, with Intezer providing autonomous triage and investigation, continuous optimization for their SIEM and EDR detection rules and expert human support whenever needed.
When internal teams lack the capacity to investigate alerts around the clock, they often turn to MDR providers. But MDR is still limited by human capacity. Investigation quality varies by analyst and shift, and low- and medium-severity alerts are often deprioritized or never reviewed. Across enterprise SOC environments analyzed by Intezer, roughly 60% of alerts go unreviewed because teams cannot investigate every signal. That creates silent risk. Intezer’s recent research also found that nearly 1% of real threats come from low-severity alerts, equal to an average of 54 true threat alerts per year for a large enterprise, or more than one per week.
“Many organizations handle millions of security events per year,” explained Cecil Pineda, 4 time CISO and security leader in the healthcare industry. “There’s no possible way you can go through 100% of your alerts, and resolve them completely, unless you rely on an AI platform.”
In addition, due to siloed roles within MDRs, real investigation outcomes are rarely used to tune EDR and SIEM detection rules, creating a major gap in detection engineering and making it difficult to keep rules current and effective.
Intezer’s expanded AI SOC platform capabilities have been proven in large enterprise environments to eliminate the investigation capacity constraint, enabling internal SOC teams to rely on autonomous triage and forensic-depth investigation across 100% of alerts, trust the evidence behind each verdict, and focus human experts on supervision and response rather than investigative execution. The result is stronger security outcomes, broader alert coverage, and the ability to operate without outsourced MDR.
“Security operations have reached a structural limit. Human teams, whether internal or outsourced to MDR providers, cannot realistically investigate the volume of alerts enterprises now face. Our analysis of more than 25 million alerts makes the risk clear: Real threats are often buried in the low-severity signals that never get investigated,” said Itai Tevet, CEO of Intezer. “AI SOC changes the model by making full forensic investigation possible across every alert, continuously improving detection based on real outcomes, and allowing human experts to focus on the incidents that truly require judgment and response.”
Expanded AI-Powered SOC
Intezer’s expanded AI SOC platform introduces new capabilities that remove key limitations of traditional MDR and give internal SOC teams a stronger operating model:
- AI-driven detection engineering: Investigation outcomes feed directly into detection engineering, creating a closed-loop process that continuously improves detection coverage. SIEM and EDR rules are tuned or created based on real investigation verdicts, threat intelligence, and observed attacker behaviors, identifying broken or noisy detections and closing coverage gaps over time.
- On-demand security experts: Customers gain direct access to Intezer’s security researchers and analysts for complex investigations and high-impact incidents. Through the platform, teams can request expert analysis of artifacts, alerts, and logs; get guidance during active incidents and validate suspicious activity identified by the AI SOC.
- Continuous feedback and model tuning: Human review of edge cases and customer feedback continuously improves AI investigation accuracy and ensures results align with each organization’s environment and risk profile.
These capabilities shift security teams away from manual alert processing and toward supervising outcomes. Organizations that have outgrown their MDRs can run security operations more effectively with AI performing investigative work at enterprise scale.
