There's a role in every security operations center that everyone knows needs to exist, but nobody actually wants to do. It doesn't have an official title, but if it did, it would be "Alert Babysitter."
The job is simple in concept: alerts come in, someone needs to look at each one, gather context, determine if it's real, and either escalate it or close it. Eight hours a day of triage. Hundreds of alerts. Most of them false positives or low-severity noise. A handful that matter buried in the pile.
It's necessary work. It's also soul-crushing work. And it's exactly the kind of work that won't exist in three years because AI agents are going to do it better, faster, and without burning out.
That statement makes people nervous. "AI is coming for security jobs" sounds like a threat. But here's the reality: AI isn't coming for security jobs. It's coming for security tasks. And the tasks it's best suited for are the ones that make talented analysts want to quit.
What Actually Happens During Alert Triage
Let's walk through what an analyst does when an alert fires.
The SIEM flags suspicious authentication activity. User logged in from an unusual location at an unusual time. The alert provides basic information: username, source IP, timestamp, location derived from IP geolocation.
First, the analyst needs context about the user. Is this person traveling? Are they remote? What's their normal behavior? The analyst queries HR systems or Active Directory to find the user's role, location, manager. They might check an asset management database to see what devices are assigned to this user.
Next, they need context about the source IP. Is it a known VPN endpoint? A cloud provider? A residential ISP? They check threat intelligence feeds. Has this IP been associated with malicious activity? They might check VirusTotal or other reputation services.
Then they need behavioral context. Does this user normally log in from this location? The analyst queries authentication logs for the past 30 days, looking at patterns. They check if there are other users in the same department or location who regularly authenticate from similar IPs.
They also need to check for related alerts. Did this trigger other suspicious activity? They search for alerts involving the same username or source IP in the same timeframe. Maybe there are failed authentication attempts right before the successful one. Maybe there's unusual file access shortly after.
All of this gathering takes time. The analyst is switching between multiple tools, running multiple queries, mentally correlating the findings. They're building a picture of what happened and whether it's actually suspicious.
After 15 to 30 minutes of context gathering, they make a determination. In 80% of cases, it's benign. The user is traveling for work, or working from home, or using a new device. The alert was technically correct but not actually a threat. The analyst documents the findings, closes the alert, and moves on to the next one.
In the remaining 20% of cases, there's enough concern to escalate. The analyst writes up their findings, creates a ticket, hands it off to incident response. Now someone else will spend time doing deeper investigation.
This process repeats dozens or hundreds of times per day, per analyst. It's necessary because you can't ignore alerts. But it's exhausting because most of the work is mechanical. Query this system, check that feed, correlate these logs, document the result.
The 25-Minute Problem
Industry estimates commonly put initial alert triage and context gathering in the 25-to-40-minute range. Not investigation. Not response. Just the upfront work of figuring out if the alert deserves attention.
Do the math. If an analyst handles 50 alerts per shift and each one takes 30 minutes, that's 25 hours of work in an eight-hour shift. Obviously impossible. So what actually happens?
Corners get cut. Context gathering becomes less thorough. Analysts develop heuristics and shortcuts. "If it's this type of alert from this source, I can probably close it without deep investigation." False negatives creep in. Real threats get missed because the analyst is drowning in volume and has to make quick judgments.
Or organizations just accept huge backlogs. Alerts sit in queues for hours or days. By the time someone looks at them, the context has changed. If it was a real attack, the attacker has had time to expand their access. If it was benign, the delay doesn't matter, but you've still spent resources investigating something old.
Neither option is good. You either sacrifice thoroughness and miss threats, or you sacrifice speed and give attackers dwell time. Both create risk.
The root problem isn't that analysts are lazy or incompetent. It's that the work is structured wrong. You're asking humans to do what amounts to data gathering and pattern matching at scale. Those are tasks computers excel at. We've just been stuck with manual processes because the tools weren't sophisticated enough to handle the nuance.
There's a deeper structural issue underneath this: modern SOCs accumulate detection debt. Every new telemetry source creates additional correlation requirements. Every new control expands the investigative surface area. Every detection added to catch a new threat pattern generates more alerts to process. The result is that the operational burden of a security program grows faster than headcount can scale to absorb it. Agents matter because they let organizations absorb expanding detection debt without linear analyst growth.
What Agentic Security Actually Means
"Agentic security" is the new buzzword making the rounds, and like most buzzwords, it's getting overused and misunderstood. But the core concept is sound.
An agent, in this context, is an AI system that can reason over data, autonomously invoke tools, and execute multi-step tasks without constant human supervision. It's different from automation and different from traditional AI.
Traditional automation is scripted playbooks. If-then logic. "When this alert fires, run these actions." It's deterministic and brittle. It can't handle scenarios that don't exactly match the script. You need humans to write specific playbooks for specific situations, and they only work for those situations.
Traditional AI in security is usually detection models. Machine learning algorithms that identify patterns and generate alerts. They're valuable for finding threats, but they still require human analysts to investigate those alerts. The AI finds the needle in the haystack. Humans still have to determine if the needle is dangerous.
Agents are different. They can take a goal ("investigate this alert and determine if it's a real threat") and figure out how to accomplish it. They can decide which tools to use, which data to query, how to correlate findings, and what conclusion to draw. They can adapt to different scenarios without needing pre-scripted playbooks for each one.
This isn't AGI or sentient AI. These are large language models with the ability to invoke functions, access data, and chain together reasoning steps. But that combination is powerful enough to handle the kind of structured, data-intensive work that makes up alert triage.
The Shift from Manual to Agent-Led Investigation
Here's what agent-led triage looks like in practice.
The same alert fires: suspicious authentication from unusual location. Instead of going to an analyst's queue, it goes to an AI agent.
The agent starts gathering context automatically. It queries the user's profile in Entra ID, retrieves their normal login patterns from authentication logs, checks the source IP against threat intelligence feeds, looks for related alerts in the same timeframe, and reviews recent activity by the same user.
This all happens in seconds. The agent isn't switching between tools or writing queries. It's programmatically accessing the data through APIs and MCP (Model Context Protocol) interfaces designed for machine consumption.
The agent correlates the findings. The user is a sales executive. The IP is from a hotel in a city where the company has a customer meeting scheduled. The timing aligns with travel calendar entries. No other suspicious activity. The authentication followed expected MFA challenges. The subsequent activity looks like normal email and document access.
The agent makes a determination: likely benign, consistent with business travel. It documents the reasoning, closes the alert with appropriate notation, and moves on.
Total time: 30 seconds.
If the same alert had different context (unknown location, unusual timing, no travel justification, followed by suspicious file downloads), the agent would escalate it to a human analyst. But now that analyst receives a case that already has all the context gathered and organized. They're not starting from scratch. They're reviewing the agent's findings and making the final judgment call.
The analyst's time is spent on the 20% of cases that need human judgment, not the 80% that are mechanical context gathering.
What Humans Still Do (And Do Better)
This isn't about replacing security analysts. It's about changing what they spend their time on.
The work that agents handle well: data gathering across multiple sources, pattern matching against known behaviors, correlation of related events, initial assessment of common alert types, documentation of findings, and routine response actions like isolating a device, disabling an account, or blocking an IP.
The work that still requires humans: strategic decision-making in ambiguous situations, understanding business context that isn't in any system, creative threat hunting based on hunches or emerging intelligence, adversarial thinking, stakeholder communication during incidents, policy decisions about risk acceptance, and building new detection logic based on novel threats.
The pattern is consistent. Agents handle structured, repetitive, data-intensive work. Humans handle unstructured, creative, judgment-intensive work.
This is a better allocation of human talent. Experienced analysts shouldn't be spending half their day checking if alerts are false positives. They should be hunting for sophisticated threats that haven't triggered alerts yet, analyzing attack trends, developing new detection strategies, and war-gaming attacker techniques. Junior analysts shouldn't be drowning in alert volume and developing bad habits from rushing through investigations. They should be learning from complex cases and building genuine expertise.
The role evolves from "person who triages alerts" to "person who supervises AI agents and handles cases that require human judgment." That's not a demotion. It's an elevation.
The Investigation Approval Model
One implementation model that's emerging: agents do the investigation, humans approve the findings.
The agent completes its analysis and presents a recommendation. "This alert appears to be benign based on these factors. Recommend closing with this disposition." The human analyst reviews the agent's work, validates the reasoning, and approves or overrides the recommendation.
This gives you the speed benefits of automation with the safety of human oversight. The agent handles the time-consuming data gathering and initial analysis. The human provides the final check, ensuring the agent didn't miss something or make a flawed assumption.
Over time, as agents prove reliable, the oversight model can adjust. Maybe certain alert types get fully automated if the agent's historical accuracy is high enough. Maybe other alert types always require human review because they involve sensitive systems or high-stakes decisions.
This graduated trust model lets organizations adopt agentic workflows without taking excessive risk. You're not blindly trusting AI to make security decisions. You're using AI to augment human decision-making, with appropriate controls based on risk and confidence levels.
The Skills Shift
If the nature of security analyst work is changing, the skills required are changing too.
Traditional security analyst skills center on log source knowledge, query language proficiency, protocol and attack technique understanding, cross-tool data correlation, and documentation.
Future security analyst skills center on understanding how agents reason and where they fail, validating agent findings and catching errors, threat hunting and hypothesis-driven investigation, strategic thinking about attack patterns and defensive gaps, and detection engineering that feeds agent workflows.
Some skills overlap. Understanding attack techniques remains critical. But the day-to-day mechanics shift from manual querying to agent supervision, from tactical investigation to strategic hunting. Analysts who resist the shift will struggle. Analysts who embrace it will become more effective.
A Necessary Caution on Automated Reasoning
Before going further, an important counterweight to all of this.
Agents will make mistakes. They will misread context, draw flawed conclusions, and occasionally close alerts that deserved escalation. An agent that confidently correlates the wrong context can create a false sense of certainty at machine speed. The danger in agentic workflows isn't just missing threats. It's institutionalizing flawed reasoning behind layers of automation that humans stop questioning.
This is not a reason to avoid agents. It's a reason to design oversight into agent workflows from the start, not as an afterthought. The graduated trust model described above exists precisely because autonomous confidence without human checkpoints is its own failure mode. The goal is not to trust agents blindly. It's to deploy them in ways that make their reasoning inspectable, their errors catchable, and their authority bounded by the risk level of the decision they're making.
The False Positive Impact
Agents don't experience alert fatigue. They investigate the hundredth alert of the day with the same thoroughness as the first, following the same investigative process without developing shortcuts from exhaustion or volume pressure.
That consistency produces two compounding benefits. False positives get properly investigated and documented rather than dismissed quickly. And the resulting data reveals clear patterns showing why certain alerts fire incorrectly, which feeds back into detection tuning. Better investigation leads to better documentation, which enables better detection logic, which reduces false positive rates over time. The virtuous cycle compounds.
Mean Time to Resolution
The metric everyone watches in security operations is MTTR: mean time to resolution.
Agent-led workflows compress it dramatically. Initial triage that took 25 minutes now takes 30 seconds. Agents can handle initial response actions automatically: isolate the compromised device, disable the suspicious account, block the malicious IP. These actions happen immediately upon detection rather than after a human analyst reviews and manually executes.
For genuine incidents requiring human investigation, the analyst starts with complete context already assembled. They're not spending the first 30 minutes on basic information gathering. They're jumping directly into analysis and decision-making.
The combination of faster triage, automated response, and better-prepared investigations can reduce MTTR by 50% or more. In security, that margin matters. Every hour an attacker operates undetected is an hour to steal data, deploy ransomware, or establish persistence.
Building Custom Agents for Your Environment
The real power of agentic security isn't just using pre-built agents from vendors. It's building custom agents tailored to your specific environment and workflows.
Every organization has unique playbooks, specific integrations, internal tools, and specialized processes. Generic agents handle generic tasks, but they can't handle your specific edge cases without customization.
This is where the Model Context Protocol and platforms like Security Copilot become enabling technologies. They provide frameworks for building custom agents without requiring deep AI expertise. A security engineer can describe a workflow in natural language and the platform helps translate it into an executable agent. "When we see failed VPN authentication followed by successful authentication within five minutes, check if the source IPs are from different countries. If yes, and if the account has privileged access, automatically trigger MFA re-verification and alert the SOC."
That's a bespoke workflow specific to your organization's risk tolerance, tools, and processes. Organizations will build libraries of these custom agents over time, and the security operations platform becomes less about manual investigation and more about agent orchestration.
The Governance Challenge Nobody's Talking About
Here's the uncomfortable truth about agentic security: you're giving AI systems the ability to access sensitive data, make security decisions, and take response actions autonomously.
That creates governance challenges most organizations aren't prepared for. Who approves what agents can do? What data can they access? What actions can they take without human approval? How do you audit agent activity? What happens when an agent makes a mistake? How do you prevent malicious or compromised agents from abusing their access?
These aren't hypothetical concerns. As agents become more capable and widely deployed, they become attractive targets. An attacker who compromises an agent or injects malicious logic into one has potentially automated their attack at scale.
Organizations need frameworks for agent governance: identity management for agents, not just users; permission models that limit access and action scope; audit trails for agent activity; and approval workflows for deploying or modifying agents. Microsoft is already anticipating this with features like Entra Agent ID for discovering and managing the agent estate. But governance is ultimately an organizational responsibility, not a technical one. Security leaders need to think about agents as a new class of entity that requires oversight, just like users and service accounts do.
What This Means for Security Teams
The practical takeaway isn't "fire your analysts and replace them with AI." It's "prepare your team for a different way of working."
Start by identifying the most repetitive, high-volume tasks in your SOC. Those are the candidates for agent-led automation. Build or deploy agents to handle those tasks first. Measure the impact on analyst workload and MTTR. Train your analysts on how to work with agents: how to review agent findings, how to identify when an agent made an error, how to build new agents for organization-specific workflows.
Reallocate the time freed up by automation toward higher-value activities. Proactive threat hunting. Detection engineering. Tabletop exercises. Training and skill development.
This transition won't happen overnight. But it is happening. The technology is maturing rapidly. The economic pressure to do more with the same headcount is constant. And the operational benefits are too significant to ignore.
The future SOC is not analyst versus AI. It's analysts operating through AI.
The organizations that understand that distinction early will investigate faster, respond earlier, and spend more human time on actual adversaries instead of alert queues.
The security analyst job won't disappear. But the job that's just alert triage, context gathering, and routine investigation? That job is on borrowed time. And honestly, that's good news for the people doing it. They deserve to spend their expertise on something that actually needs it.
