As cyber threats continue to evolve at machine speed, Pondurance has introduced Pondurance Kanati, an advanced Agentic AI designed to transform Security Operations Center (SOC) performance. With the general availability of Kanati, the company is redefining managed detection and response (MDR) by enabling autonomous SOC operations, where human analysts act as supervisors rather than first responders.

As attackers increasingly leverage AI to accelerate their operations, traditional SOC models are struggling to keep pace. Therefore, Pondurance has built Kanati using an AI-native operating model that prioritizes speed, precision, and automation. By processing vast volumes of security data in real time, the platform enables organizations to detect, analyze, and contain threats at machine speed while maintaining human oversight for complex scenarios.

“Cyber adversaries operate at machine speed, using AI with no rules of use. Security operations must match that pace or fall behind, while protecting and not negatively impacting each customer’s environment,” said Doug Howard, CEO of Pondurance. “With our new Pondurance Kanati Agentic AI SOC, we’ve reimagined from the ground up how the SOC operates in the next-generation MDR, fusing at peak more than 60TB of daily event, alert, and threat intelligence data with contextual AI to achieve containment for high-confidence threats.”

Transforming SOC Operations with AI-Native Design

Unlike traditional systems that layer automation on top of legacy workflows, Kanati introduces a fundamentally new approach. It replaces alert-driven processes with a coordinated system of AI agents that continuously operate across the entire threat lifecycle. As a result, high-confidence threats are automatically contained in real time, while human analysts focus on nuanced or lower-confidence situations requiring expert judgment.

This shift significantly reduces manual workloads and accelerates response times. Moreover, it allows security teams to transition from reactive incident handling to proactive advisory roles, helping organizations strengthen their overall security posture and IT resilience.

Delivering Measurable Performance Gains

Initial performance benchmarks highlight the impact of Kanati’s AI-driven capabilities. For instance, the platform achieves:

  • 90% faster threat analysis through AI-powered confidence scoring and automated containment
  • Less than 2 minutes average investigation time for all alerts
  • 80% reduction in false positives
  • 10x improvement in contextual threat correlation and enrichment
  • Rapid identification of vulnerabilities before exploitation
  • 100% alert coverage, ensuring every alert is fully investigated

Consequently, organizations benefit from faster detection, improved accuracy, and significantly reduced operational overhead.

Reimagining the Managed SOC Model

Traditionally, SOC teams rely heavily on human analysts to triage alerts, correlate signals, and execute response actions. However, this approach often leads to bottlenecks, increased dwell time, and higher operational costs. In contrast, Kanati automates these processes while maintaining critical human oversight.

Additionally, the platform addresses limitations found in many AI-driven SIEM solutions, which often lack sufficient data scale, operational maturity, or 24/7 support. By combining AI automation with continuous SOC expertise, Pondurance ensures both reliability and accountability in security operations.

Kanati’s core capabilities include real-time telemetry ingestion across endpoints, networks, cloud, and identity systems; autonomous multi-step investigations; automated containment actions such as endpoint isolation; and generation of audit-ready investigation reports. Furthermore, the system escalates complex or uncertain cases to experienced analysts, ensuring balanced decision-making.

Built for Trust, Governance, and Transparency

Importantly, Pondurance has designed Kanati with strong governance and security controls to address concerns around AI autonomy. The platform operates within a tenant-isolated environment, ensuring strict data separation and privacy. Additionally, all customer data remains within Pondurance’s infrastructure and is processed securely using Amazon Bedrock, without being used to train external models.

Moreover, every automated action is logged and auditable, supported by explainable AI capabilities that provide clear investigation trails. This ensures organizations maintain full visibility and control over their security operations.

For organizations with regulatory constraints, Pondurance also offers the flexibility to opt out of Agentic AI capabilities, ensuring compliance with specific requirements.

Driving the Future of Autonomous Cyber Defense

Ultimately, the launch of Kanati marks a significant shift in how SOCs operate. By combining autonomous AI-driven execution with human expertise, Pondurance is enabling a new standard of cybersecurity, one that delivers faster response, greater accuracy, and scalable protection against modern threats.

As cyberattacks continue to accelerate, solutions like Kanati will play a critical role in helping organizations stay ahead, reduce risk, and build resilient security operations for the future.
