Rapid7 Embeds Agentic AI in SIEM and XDR Platforms

Threat detection and exposure management company Rapid7 has embedded agentic AI workflows within its next-gen SIEM and XDR platform, changing how threats in MDR customer environments are investigated in the security operations centre (SOC).

Leveraging Rapid7’s AI Engine, agentic AI autonomously performs foundational investigative tasks with the rigour and expertise of a SOC analyst, but at AI speeds. This empowers analysts to perform deeper analysis, shorten investigation cycles, and ultimately solve security problems faster for customers.

As AI accelerates the threat landscape, enabling attackers to launch faster, more personalised, and harder-to-detect campaigns, organisations need an MDR experience that scales to meet the demands of their environment and the broader attacker landscape while providing direct visibility into decisions.

The new agentic AI workflows in Rapid7 MDR address the demand for scale, speed and transparency, incorporating Rapid7’s industry-leading AI automation for alert triage, which closes benign alerts with 99.93% accuracy and saves 200-plus SOC hours per week.

“AI isn’t just an enhancement to security operations, it’s a catalyst for a new era of scale, speed, and strategic decision-making. At Rapid7, we believe AI must be human-centric, transparent and accountable, and built on analyst expertise,” said Rapid7 President of AI and Data Laura Ellis.

“The launch of agentic AI workflows for MDR represents the foundational step in our broader vision for agentic AI across the platform,” she added. “Far more than just automation, this is the beginning of a system capable of intelligent and adaptive decision-making.”

Agentic AI workflows are trained on playbooks designed by Rapid7’s own SOC experts and refined through continuous real-world application, ultimately delivering:

  • Improved confidence in security postures through scalable, repeatable, high-quality investigations that protect against sophisticated AI attackers amid increasing alert volume;
  • Greater visibility and control of service outcomes with transparency into the reasoning, evidence, and logic behind every AI-powered action and output; and
  • Maximum return on detection and response investments via reallocation of analyst hours to the most complex tasks and strategic decisions to maximise impact across customer environments.

“A world-class SOC optimises for the ‘human’ decision moment,” said Rapid7 Detection and Response VP Jon Hencinski. “With agentic AI workflows, we’re using AI to present the right information to enable accurate and fast human decisions that allow organisations to quickly find and stop today’s AI-enabled attackers. Agentic AI workflows automate repetitive tasks, surface relevant findings, and provide contextual information to support analyst decision-making. By delivering timely, actionable insights, these workflows improve the quality of decisions being made and empower analysts to move confidently to the next step in the response process.”
