Intezer Streamlines Security Automation for SOC Teams
Intezer unveiled a new feature called Custom Agents, allowing security operations centers to design and deploy AI-driven workflows directly within the Intezer platform. This development expands the company’s existing framework, which employs autonomous agents to manage security operations tasks while enabling human oversight. Modern security teams face increasing challenges due to the volume and complexity of threats, making manual processes and ad-hoc automation insufficient. The Intezer platform already utilizes autonomous agents to continuously triage, investigate, and respond to alerts, analyzing 100% of incidents and escalating less than 2% for human intervention. Custom Agents extend this functionality by enabling organizations to automate additional investigative procedures, reporting tasks, and other recurring security operations specific to their environments.
Custom Agents address tailored SOC requirements
Each security operations center develops unique workflows for tasks such as generating incident reports, documenting shift handoffs, refining detection rules, and recording investigation outcomes. Analysis of how teams interacted with Intezer’s AI chat interface revealed that over 30% of queries involved repetitive requests. Custom Agents transform these recurring activities into self-executing processes. Current Intezer users have deployed agents for functions including automated incident report generation, rule tuning recommendations based on triage results, and proactive threat hunting initiatives.
“The introduction of Custom Agents empowers security teams to automate their specific operational processes by creating AI agents that operate on the same infrastructure as their SOC, ensuring seamless integration and performance,” stated Itai Tevet, CEO of Intezer. “While our autonomous agents have long managed foundational SOC tasks, Custom Agents provide organizations with the ability to automate their distinct workflows according to their preferred configurations.”
Implementation of Custom Agents
Custom Agents are configured through natural language commands, enabling SOC teams to define objectives and schedule execution timelines. These agents leverage Intezer’s integrated toolset alongside external systems such as CrowdStrike, SentinelOne, Splunk, Microsoft Sentinel, and Entra ID. They perform actions including case updates, commentary, closure, and report distribution via email. The solution supports end-to-end automation across multiple security layers, combining built-in capabilities with third-party platform integrations.
The platform’s architecture ensures that Custom Agents operate within the same environment as existing security workflows, maintaining consistency and reducing deployment complexity. Organizations can customize agent behavior to align with internal policies and operational standards, enhancing efficiency without requiring extensive coding expertise. Technical details and integration specifics remain consistent with Intezer’s existing infrastructure, allowing seamless adoption for enterprises already utilizing the platform. The feature emphasizes scalability, enabling teams to adapt automation strategies as threat landscapes evolve.
