
When Your SOC Analyst is Also a Bot: AI Agents, MCP, and Many Automation Opportunities in Your Security Operations

28 May

Posted at 13:33h
in Blogs
by Taylor Fox

From AI Experiments to Autonomous Operations

– Christophe Briguet, Sr. Director of Product Management – AI & Security Analytics, Stellar Cyber

San Jose, Calif. – Apr. 28, 2026

Something shifted in early 2026. Not gradually; more like flipping a switch.

For years, we talked about AI in the SOC the way we talked about self-driving cars: always five years away, always needing “just a bit more data.” Then MCP (Model Context Protocol) happened. Then agentic frameworks stopped being demos and started being tools. And suddenly the question wasn’t “can AI help security teams?” but “what should we let it do first?”

I know because I’ve been running one.

The Agentic Breakthrough Nobody Saw Coming

Here’s what changed: AI agents stopped being chatbots with API access and started being actual coworkers, ones that remember yesterday, know how to use your tools, and can make calls on their own.

MCP, originally created by Anthropic and now under the Linux Foundation, gave us something we didn’t have before: a universal way for AI agents to connect to real systems. Not through brittle integrations or custom code. Through a standardized protocol that lets any AI agent talk to any tool, any API, any platform. Think of it as USB for AI: plug in a new capability, and the agent just uses it.

At Stellar Cyber, we shipped MCP support in our platform. An AI agent can now connect to a Stellar Cyber instance and immediately access case management: listing cases, pulling full investigation details with MITRE mappings and observables, updating status, assigning analysts. One API call returns what used to take eight clicks and three tabs.

But MCP is just the connector. The real breakthrough is what sits on top of it: agentic AI that remembers context, plans multi-step workflows, and acts on your behalf between sessions.

What I Learned Running an AI Agent for a Week

I didn’t just theorize about this. I built an AI agent that connects to my actual work systems (email, calendar, project management, documentation tools, and Stellar Cyber’s MCP server). I put it to work on real security operations tasks.

Here’s what it did in a single day:

Wrote two customer emails about feature capabilities. Pulled context from a 10-message email thread, cross-referenced the KB, got the technical details right
Filed a Jira ticket. Got the required fields wrong twice, figured out the API, nailed it on the third try
Scheduled a meeting across four people by checking everyone’s calendar. Found the one open slot on Wednesday morning
Reviewed a process doc on Confluence and the matching Figma board. Found five gaps nobody had noticed
Pulled 30,000 cases from our Stellar Cyber MCP server in a single call. Full MITRE mappings, observables, the works
Set up a cron job to monitor a Google Form for new submissions, auto-create tickets, and ping me when something comes in. No code. It took about ten minutes.

That’s not a demo. That’s a Tuesday.

The Other Side of This

Here’s where it gets uncomfortable. Everything I just described? Adversaries can do it too.

If an AI agent can connect to your ticketing system, read your escalation tickets, cross-reference your knowledge base, and understand your detection gaps? That’s a free roadmap to everything you’re bad at defending. The same agentic capabilities that make defenders faster also make attackers more systematic.

MCP is a double-edged sword. CrowdStrike has already published research on securing agentic AI deployments against prompt injection and privilege escalation. The attack surface isn’t theoretical. It’s the very same integration points that make agents useful.

The threat landscape shift is this: the speed advantage that SOC teams had over scripted attacks is disappearing. Adversaries with agentic tools can now:

Enumerate your environment faster than your analysts can triage alerts
Generate social engineering content that’s contextually aware of your organization
Automate lateral movement decisions the way we automate triage decisions
Adapt tactics in real time based on what’s working

So what do you do? You make your defensive automation faster, smarter, and more connected than their offensive automation. Which brings us to the opportunities.
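The case-management tools described earlier (list cases, pull details, update status, assign analysts) are the same integration points the paragraphs above call the attack surface. What a defender wants in front of them is a policy layer: advertise only the tools a session is scoped for, hold write actions until a human signs off, and record every call, allowed or blocked. The block below is an added example, not Stellar Cyber’s MCP server and not the MCP SDK. It answers JSON-RPC requests in the shape MCP uses for tools (“tools/list”, and “tools/call” with “name” and “arguments”) but keeps everything in memory; the tool names, the scope strings, the “_approved_by” marker and the case records are assumptions constructed for the example.

```python
"""Policy gate in front of an MCP-style case-management tool server.

Added example, not Stellar Cyber's MCP server or the MCP SDK: it answers
JSON-RPC requests in the shape MCP uses for tools ("tools/list",
"tools/call" with "name"/"arguments") but keeps everything in memory.
Tool names, scope strings, the "_approved_by" field and the case records
are assumptions constructed for this example.
"""
import json
from dataclasses import dataclass, field

# Constructed stand-in for the platform's case store.
CASES = {
    "C-1001": {"status": "open", "assignee": None, "mitre": ["T1078"]},
    "C-1002": {"status": "open", "assignee": "alice", "mitre": ["T1059.001"]},
}

# Each tool declares whether it reads or writes. Reads need cases:read;
# writes need cases:write AND a human approval marker on the request.
TOOLS = {
    "list_cases": "read",
    "get_case": "read",
    "update_status": "write",
    "assign_analyst": "write",
}


@dataclass
class AgentSession:
    agent_id: str
    scopes: set                      # e.g. {"cases:read"} for a triage bot
    audit: list = field(default_factory=list)


def _run_tool(name, args):
    """The tools themselves; reached only after the policy checks pass."""
    case = CASES[args["case_id"]] if "case_id" in args else None
    if name == "list_cases":
        return sorted(CASES)
    if name == "get_case":
        return case
    if name == "update_status":
        case["status"] = args["status"]
        return case
    if name == "assign_analyst":
        case["assignee"] = args["analyst"]
        return case
    raise KeyError(name)


def handle(session, request):
    """Dispatch one JSON-RPC request (dict or JSON string) for a session."""
    req = json.loads(request) if isinstance(request, str) else request
    rid, method, params = req.get("id"), req.get("method"), req.get("params", {})

    def ok(result):
        return {"jsonrpc": "2.0", "id": rid, "result": result}

    def err(code, message):
        return {"jsonrpc": "2.0", "id": rid, "error": {"code": code, "message": message}}

    if method == "tools/list":
        # Advertise only what this session is allowed to call
        visible = [n for n, kind in TOOLS.items() if f"cases:{kind}" in session.scopes]
        return ok({"tools": [{"name": n} for n in visible]})
    if method != "tools/call":
        return err(-32601, "method not found")

    name, args = params.get("name"), params.get("arguments", {})
    kind = TOOLS.get(name)
    if kind is None:
        return err(-32602, f"unknown tool {name!r}")

    decision = "allow"
    if f"cases:{kind}" not in session.scopes:
        decision = "deny:scope"
    elif kind == "write" and not params.get("_approved_by"):
        # Hypothetical marker: writes are held until a human signs off
        decision = "deny:approval"
    # Every call, allowed or blocked, is recorded for later review
    session.audit.append({"agent": session.agent_id, "tool": name,
                          "args": args, "decision": decision})
    if decision != "allow":
        return err(-32000, f"{name} blocked ({decision})")
    try:
        result = _run_tool(name, args)
    except KeyError as exc:
        return err(-32602, f"bad argument {exc}")
    return ok({"content": [{"type": "text", "text": json.dumps(result)}]})
```

A triage bot given only cases:read never sees the write tools in tools/list, and a request for one is denied and logged rather than silently ignored; an ops agent with cases:write still cannot change a case until the request carries the approval marker. The audit list is what lets you answer, after the fact, what an agent tried to do and which attempts were blocked.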

Many Automation Opportunities

After running an AI agent against real security operations workflows, six clear automation opportunities emerged. These aren’t aspirational. They’re things I watched an agent do (or nearly do) this week.

1. Alert and Case Triage at Machine Speed

This is the obvious one, and it’s where Stellar Cyber’s Alert Auto-Triage already operates. The agent runs Verdict Signal Checks against every critical case: IP reputation, behavioral anomalies, entity relationships, and device vulnerability. Then it delivers a verdict: True Positive, Benign, False Positive, or Inconclusive.

What’s new is the feedback loop. When an analyst overrides a verdict, that override becomes a training signal. Not in the vague “we’ll retrain the model someday” sense. In the “the next time this pattern appears, the system weighs your judgment” sense. Tesla FSD learns from human takeovers. So does this.

The agentic unlock: An MCP-connected agent can now pull case details, correlate with external threat intel, check historical verdicts on similar patterns, and deliver a triage decision with full explainability, without a human clicking through five tabs.
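To make the feedback loop concrete, here is an added example (not Stellar Cyber’s Alert Auto-Triage) of a small triage engine: four signal checks produce scores, a weighted sum maps to one of the four verdicts with an explanation, and an analyst override does two things the post describes: it is remembered so a similar signal pattern gets the analyst’s verdict next time, and it shifts the signal weights so unseen cases lean the analyst’s way. The signal names and verdict labels come from the post; the [-1, 1] signal scale, thresholds, similarity tolerance, update rule and sample cases are constructed assumptions.

```python
"""Verdict-signal triage with an analyst-override feedback loop.

Added example, not Stellar Cyber's Alert Auto-Triage. The four signal
names and verdict labels follow the post; the [-1, 1] signal scale,
thresholds, similarity tolerance, weight update and sample cases are
constructed assumptions.
"""
import math
from dataclasses import dataclass, field

SIGNALS = ("ip_reputation", "behavioral_anomaly",
           "entity_relationship", "device_vulnerability")

# Constructed cases: each signal is a score in [-1, 1] (positive = looks
# malicious), or None when that check could not run.
CASE_A = {"ip_reputation": 0.8, "behavioral_anomaly": 0.6,
          "entity_relationship": 0.4, "device_vulnerability": 0.2}
CASE_B = {"ip_reputation": -0.9, "behavioral_anomaly": -0.5,
          "entity_relationship": None, "device_vulnerability": -0.4}
CASE_C = {"ip_reputation": 0.5, "behavioral_anomaly": None,
          "entity_relationship": None, "device_vulnerability": None}
CASE_D = {"ip_reputation": 0.9, "behavioral_anomaly": -0.2,
          "entity_relationship": -0.1, "device_vulnerability": -0.1}


@dataclass
class Triage:
    weights: dict = field(default_factory=lambda: {s: 1.0 for s in SIGNALS})
    learn_rate: float = 0.5
    overrides: list = field(default_factory=list)   # (signal pattern, analyst verdict)

    @staticmethod
    def _signals(case):
        return {s: case[s] for s in SIGNALS if case.get(s) is not None}

    @staticmethod
    def _similar(a, b, tol=0.3):
        """Same set of evaluated checks and close scores."""
        if set(a) != set(b):
            return False
        return math.sqrt(sum((a[s] - b[s]) ** 2 for s in a)) <= tol

    def verdict(self, case):
        """Returns (verdict, explanation)."""
        sig = self._signals(case)
        # Historical analyst verdicts on a matching signal pattern take precedence
        for i, (pattern, analyst) in enumerate(self.overrides):
            if self._similar(sig, pattern):
                return analyst, f"matches analyst override #{i + 1}"
        if len(sig) < len(SIGNALS) / 2:
            return "Inconclusive", f"only {len(sig)} of {len(SIGNALS)} checks ran"
        total = sum(self.weights[s] * v for s, v in sig.items())
        detail = ", ".join(f"{s}={v:+.1f}*{self.weights[s]:.2f}" for s, v in sig.items())
        if total >= 1.0:
            return "True Positive", f"score {total:+.2f}: {detail}"
        if total <= -1.0:
            return "False Positive", f"score {total:+.2f}: {detail}"
        if total <= 0:
            return "Benign", f"score {total:+.2f}: {detail}"
        return "Inconclusive", f"mixed signals, score {total:+.2f}: {detail}"

    def override(self, case, analyst_verdict):
        """Analyst disagrees with the machine verdict: remember the pattern and
        shift the weights so the same evidence leans the analyst's way next time.
        Returns True when something was learned."""
        machine, _ = self.verdict(case)
        if machine == analyst_verdict:
            return False
        sig = self._signals(case)
        self.overrides.append((sig, analyst_verdict))
        direction = {"True Positive": 1, "False Positive": -1, "Benign": -1}.get(analyst_verdict, 0)
        for s, v in sig.items():
            # Perceptron-style nudge; weights never go negative
            self.weights[s] = max(0.0, self.weights[s] + self.learn_rate * direction * v)
        return True
```

Two details matter for a real deployment. A case where fewer than half the checks ran (an intel lookup timed out, say) is Inconclusive regardless of score, so a missing check never silently becomes a “benign” vote. And the explanation string carries the per-signal contributions and current weights, which is what an analyst needs to decide whether to override in the first place.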

2. Intake and Onboarding Automation

Requests come in through a form. Historically, someone reads the submission, creates a tracking ticket, checks prerequisites, and sends a confirmation email. Four systems, three context switches, one person doing manual data entry.

An agent monitors the intake source on a schedule. When a new entry appears, it creates the ticket with the full structured description, writes the reference back to the source, and sends a notification with a summary. Zero manual steps.

The agentic unlock: This pattern generalizes to any intake process. Trial requests. Compliance inquiries. Vulnerability disclosures. Customer escalation routing. Any workflow that involves “read from source A, create in system B, notify via channel C” is a candidate.
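The “source A, system B, channel C” pattern is simple to describe and easy to get wrong on retries: a scheduled run that crashes between creating the ticket and writing the reference back will open a duplicate on the next pass. The block below is an added example, not the author’s cron job, showing the generalized pipeline with that failure mode handled: the ticket system is keyed on the source row, so a second pass over a row that lost its write-back reuses the existing ticket. The form rows, ticket store and notifier are in-memory constructions standing in for a Google Form, a ticketing system and a chat channel.

```python
"""Generic intake pipeline: read from source A, create in system B,
notify via channel C, with the reference written back to the source.

Added example, not the author's cron job. The form rows, the ticket
store and the notifier are in-memory constructions standing in for a
Google Form, a ticketing system and a chat channel.
"""
from dataclasses import dataclass, field

REQUIRED = ("requester", "request_type")

# Constructed form submissions. Row 2 is missing its requester on purpose.
SAMPLE_ROWS = [
    {"id": 1, "requester": "acme-corp", "request_type": "trial",
     "details": "Evaluate Open XDR for 30 days"},
    {"id": 2, "requester": "", "request_type": "vulnerability disclosure",
     "details": "Possible issue in the partner portal login"},
]


@dataclass
class FormSource:
    """Source A. A row with a ticket_ref has already been processed."""
    rows: list

    def pending(self):
        return [r for r in self.rows if not r.get("ticket_ref")]

    def write_back(self, row_id, ref):
        for r in self.rows:
            if r["id"] == row_id:
                r["ticket_ref"] = ref


@dataclass
class TicketSystem:
    """System B. Keyed on the source row so a retry never opens a duplicate."""
    tickets: dict = field(default_factory=dict)

    def create(self, title, description, source_key):
        for tid, t in self.tickets.items():
            if t["source_key"] == source_key:
                return tid          # crash between create and write_back: reuse
        tid = f"TKT-{len(self.tickets) + 1}"
        self.tickets[tid] = {"title": title, "description": description,
                             "source_key": source_key}
        return tid


@dataclass
class Notifier:
    """Channel C."""
    sent: list = field(default_factory=list)

    def send(self, text):
        self.sent.append(text)


def build_description(row):
    """Structured description; required fields that are missing are listed
    in the ticket instead of silently dropped, so the gap is visible."""
    lines = [f"{k}: {v}" for k, v in row.items()
             if k not in ("id", "ticket_ref") and v]
    missing = [k for k in REQUIRED if not row.get(k)]
    if missing:
        lines.append("MISSING: " + ", ".join(missing))
    return "\n".join(lines)


def run_once(source, tickets, notifier):
    """One scheduled pass. Returns [(row_id, ticket_id), ...] for rows handled."""
    handled = []
    for row in source.pending():
        key = f"form:{row['id']}"
        title = f"[{row.get('request_type') or 'unknown'}] {row.get('requester') or 'unknown'}"
        tid = tickets.create(title, build_description(row), key)
        source.write_back(row["id"], tid)      # mark the row so it is not re-read
        notifier.send(f"{tid} opened for {key}: {title}")
        handled.append((row["id"], tid))
    return handled


if __name__ == "__main__":
    src, ts, nt = FormSource([dict(r) for r in SAMPLE_ROWS]), TicketSystem(), Notifier()
    print(run_once(src, ts, nt))
    print(run_once(src, ts, nt))   # second pass: nothing pending
```

Swapping the three dataclasses for real clients (a forms API, Jira, a chat webhook) is the only change needed for a different intake process; run_once and the idempotency key stay the same.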

3. Detection Quality Feedback Loop

This is the one that excites me most. Security vendors accumulate huge backlogs of “this detection doesn’t work right” tickets. The descriptions are often cryptic. The context is buried in email threads and support tickets. The person triaging needs deep product knowledge to even understand the ask.

An AI agent with access to your ticketing system, knowledge base, and security platform can read a detection feedback ticket, pull the actual alert data, cross-reference with documentation, and produce a clear summary: “This is a false positive caused by substring matching in rule X. The reporter provided a fix. Here’s the corrected query.”

The agentic unlock: Connect the agent to the reporting environment (with permission) via MCP, and it can validate the reported issue against live data. No more “can you send a screenshot?” No more three-week back-and-forth. The agent sees what the reporter sees.

4. Connecting the Dots Across Tools

A security operations leader’s job is connecting dots across systems. An email thread about a partner engagement, a ticket about a detection gap, a wiki page about process, a design board about workflow, pricing in a sales thread. These live in different tools with no automatic correlation.

An AI agent traverses all of these. Ask it “what’s the status of this partner’s trial?” and it pulls the email thread, checks the tracking ticket, reads the intake form, and synthesizes a single answer. No tab switching. No “let me check.”

The agentic unlock: This is where MCP shines. Each system is an MCP server. The agent doesn’t care if the data is in email, Jira, or Stellar Cyber. It speaks the same protocol to all of them.

5. Proactive Monitoring Without Alert Fatigue

The traditional approach to monitoring is either “check everything constantly” (expensive, noisy) or “wait for someone to notice” (slow, risky). AI agents offer a third path: scheduled, intelligent checks with human-level judgment about what’s worth escalating.

My agent checks communication channels periodically, but it doesn’t just report “you have 15 unread messages.” It categorizes by urgency, identifies action items, filters noise, and only alerts me when something actually needs attention. The same pattern applies to security monitoring: check case queues, flag anomalies in detection coverage, monitor SLA breaches. And stay quiet when everything’s normal.

The agentic unlock: Scheduled agent runs with model-tier optimization. Use a lighter model for routine checks, and escalate to a more capable model when the situation requires judgment. Cost-aware automation.

6. Documentation and Knowledge Capture

Security teams generate huge amounts of institutional knowledge that never gets documented. The analyst who knows that a specific firewall vendor’s log entries behave differently than expected? That knowledge lives in their head until they leave.

AI agents can capture and structure this knowledge in real time. Every ticket triage, every interaction, every decision becomes a structured entry in a persistent knowledge base. The agent maintains daily notes, updates its long-term memory with distilled insights, and cross-references new information against what it already knows.

The agentic unlock: The more the agent works, the more it knows. The agent that triaged a batch of detection tickets now understands vendor-specific log quirks, integration edge cases, and identity correlation gaps. Next time a related ticket comes in, it starts from that base, not from zero.

What This Means for Security Teams

The security industry has spent the last decade building detection. The next decade is about decisions. Who decides what’s real? Who decides what to do about it? And how fast can those decisions happen?

Agentic AI doesn’t replace the analyst. It gives the analyst leverage. The same analyst who manually triaged 20 cases a day can now review 200 agent-triaged cases, focusing their expertise where it matters: the edge cases, the novel attacks, the judgment calls that machines can’t make yet.

The vendors still hiding behind closed APIs and one-shot AI summaries are going to get left behind. The platforms that win will be the ones that open their APIs through protocols like MCP, build feedback loops that actually learn from human decisions, and treat AI automation as a product, with accuracy metrics, cost controls, and governance rails.

We’re building that at Stellar Cyber. The MCP server is live. Alert Auto-Triage is in production. And I have an AI agent that just drafted this blog post.

Well, most of it.

Christophe Briguet is Sr. Director of Product Management – AI & Security Analytics at Stellar Cyber, where he leads the Autonomous SOC product direction. He’s still figuring out where the line is between helpful and creepy.

About Stellar Cyber

Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. For more information, visit https://stellarcyber.ai.


