The State of AI in Security Operations: 5 Patterns That Defined 2025
From cautious experiments to production deployments—what worked, what didn't, and where we're headed.
Welcome to Detection at Scale, a weekly newsletter on AI-first security operations, detection engineering, and the infrastructure that makes it possible. I’m Jack, founder & CTO at Panther. If you find this valuable, please share it with your team.
2025 was a pivotal year for AI in security operations, where agent deployments transitioned from cautiously optimistic experiments to operational realities driven by excitement and mandates to adopt AI. This rise was characterized by autonomous alert triage, threat hunting across vast security data, and intelligent detection tuning. While teams are still striking the right balance between human and agent decision-making, nearly everyone has realized the early benefits of increased efficiency, team capacity, deeper knowledge, and productivity gains enabled by AI.
2025 delivered what enterprises needed: AI models that are simultaneously cheaper and smarter, providing continuous upgrades and economies of scale throughout the year. Frontier models like Claude 4.5 and GPT-5 pushed the boundaries for reasoning, tool calling, and intelligence, while expanding context windows to maintain state across complex investigations without losing critical details. Protocols like MCP connected thousands of important applications to these models, powering one of the most important recent trends in AI: context engineering. Teams can now reach across the IT, ops, and security stack to orchestrate response and manage incidents, powered by AI.
There was also a rise in technical security teams building their own SOC agents to serve bespoke internal use cases and augment vendor capabilities. As security vendors introduced their MCP servers, and tools like Claude Code became standard in the enterprise, the barrier to entry dropped significantly. Security teams can now scale at the pace of AI innovation. Sophisticated AI capabilities are accessible to every security team that’s ready to adopt them.
As we navigate this exciting technological shift, a few patterns have become clear:
Context engineering is the key to effective agents
Agent accuracy is preferred over speed, but both are critical
Data privacy is table stakes for commercial AI solutions
Autonomy with human-in-the-loop balances productivity with safety
Focused agents are preferred for specialized security workflows
Context Engineering Powers Effective Agents
AI in security operations is fundamentally a context problem, requiring broad, deep knowledge of an organization’s people, technology, history, and threat models. When agents can access diverse telemetry (e.g., to understand the criticality of an asset), analysis accuracy dramatically increases. Without this foundation, even leading models deliver shallow results that create more work than they save, which is every security team’s worst-case scenario. Agents need the same access to data and tools as their human counterparts so they can continue complementing one another’s strengths.
Consider a data exfiltration scenario that security teams often encounter: an alert fires when an employee downloads a large volume of files from a sensitive internal repository. The alert tells us what happened, but critical questions about why immediately arise: Is this employee in a role that normally accesses this data? Was this a personal machine? Have they exhibited other suspicious data access patterns recently?
Traditional SIEM workflows require analysts to manually gather surrounding information through separate queries, forcing them to context-switch and rebuild their mental model of the investigation with each query. Effective agents encode the organizational context needed to answer these questions—pulling employee profiles from identity providers, applying user behavior analytics to detect anomalies, referencing location and device profiles, and following detection-specific runbooks that guide scenario analysis. Agents provide efficient tool calling and context management, making only the necessary queries to test hypotheses and presenting judgment for final approval.
Teams that invested early in data lakes and structured security data pipelines built exactly this foundation. They can now feed agents enrichments, historical patterns, and organizational context, transforming a 30-minute manual investigation into a 2-3-minute agent-assisted analysis.
While agents have transformed how teams automate context gathering, teams have strong expectations for agents’ analytical and reasoning capabilities, especially when precision is required. The challenge is ensuring that agents reason correctly about what that context means.
Accuracy > Speed
A clear expectation emerged in 2025: security teams prefer accuracy over speed. “I’d rather it take longer and be right” became a common refrain, with current expectations settling around five minutes or less for alert triage and investigation tasks. This reflects the reality that proper context gathering takes time, and agents need to query multiple systems, correlate signals, and apply organizational context before reaching conclusions. Security teams cannot afford to draw the wrong conclusions due to an incorrect tool call or incomplete context. The advantage of AI agents isn’t purely about instant responses; it’s about compressing what used to take 30 minutes of manual work into a few minutes of agent-orchestrated analysis.
Transparency in how agents reach conclusions has become equally critical for production deployments. Agents that don’t show their reasoning or present conclusions without attribution to specific evidence or tools waste analyst time rather than amplify it. When an agent says “this alert is a false positive” without explaining why, the analyst must either blindly trust the conclusion or repeat the entire investigation to verify it. Both outcomes erode trust and create friction. Agents gaining traction in production environments expose their reasoning, show which tools were called and what data was retrieved, and make it easy for analysts to verify, challenge, or follow up on any conclusions. Accuracy and transparency aren’t separate requirements—they’re two aspects of the same fundamental need: agents that security teams can trust to make increasingly autonomous decisions.
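As an added example (not code from the newsletter or from Panther), here is the large-download alert from the context engineering section triaged so that every conclusion carries the evidence and source behind it. The lookup tables, user and device names, field names, and the z-score threshold are constructed assumptions, and the volume baseline is a simple stand-in for user behavior analytics.

```python
from dataclasses import dataclass, field
from statistics import mean, pstdev

# Constructed sample context. In production these lookups would be tool calls to
# an identity provider, a device inventory and the data lake (names hypothetical).
IDP = {"avery": {"role": "finance-analyst", "repos": {"finance-reports"}}}
DEVICES = {"LT-0042": {"managed": True}, "HOME-PC": {"managed": False}}
DAILY_MB = {"avery": [120, 90, 150, 110, 130]}  # recent per-day download volume

@dataclass
class Finding:
    verdict: str = "needs_review"
    evidence: list = field(default_factory=list)  # (source, observation) pairs

def triage_download_alert(alert: dict) -> Finding:
    finding, risk = Finding(), 0

    def record(source: str, observation: str, risky: bool) -> None:
        nonlocal risk
        risk += risky
        finding.evidence.append((source, observation))

    # Q1: is the employee in a role that normally accesses this data?
    profile = IDP.get(alert["user"])
    entitled = profile is not None and alert["repo"] in profile["repos"]
    record("idp", f"{alert['user']} entitled to {alert['repo']}: {entitled}", not entitled)

    # Q2: was this a personal machine? Unknown devices count as unmanaged.
    managed = DEVICES.get(alert["device"], {}).get("managed", False)
    record("device_inventory", f"{alert['device']} managed: {managed}", not managed)

    # Q3: is the volume anomalous for this user? A missing baseline counts as risky.
    history = DAILY_MB.get(alert["user"], [])
    if len(history) < 3:
        record("data_lake", "no usable download baseline", True)
    else:
        z = (alert["mb"] - mean(history)) / (pstdev(history) or 1.0)
        record("data_lake", f"volume z-score {z:.1f} vs {len(history)}-day baseline", z > 3)

    # Missing or adverse context can never produce a benign verdict.
    finding.verdict = {0: "likely_benign", 1: "needs_review"}.get(risk, "escalate")
    return finding
```

An analyst reviewing the result can check each `(source, observation)` pair against the system it names instead of repeating the investigation.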
Data Privacy Is Non-Negotiable
Security operations teams have made their data privacy expectations unambiguous in 2025. Both the security telemetry fed into agents and the analytical conclusions coming out must remain under strict organizational control. Security leaders closely scrutinize solutions that require fine-tuning or model training to be effective, refusing to send proprietary data to third parties or create new exfiltration risks in the name of security automation. The synthesized insights that agents produce—correlations between alerts, user behavior patterns, threat actor attribution—often carry more strategic sensitivity than any individual log event.
This requirement shapes the entire approach to agent implementation. Teams want to leverage AI capabilities without sending sensitive data for model training, without building dependencies on models trained on their proprietary information, and without creating new compliance headaches. The good news is that zero-shot and few-shot capabilities in frontier models have reached the threshold where fine-tuning is genuinely unnecessary for most agentic workflows in the SOC. Agents can be effective through prompt engineering, tool access, and retrieval-augmented generation rather than requiring custom model training. The data stays in your data lake, the context is assembled at inference time, and the agent reasons over it without any information leaving your control.
Autonomy with Human-in-the-Loop
The autonomy conversation in security operations has matured significantly in 2025. Early reactions swung from banning AI tools entirely to unrealistic expectations that agents would replace Tier 1 analysts. Teams have settled into a more pragmatic model: AI-assisted humans with increasing levels of autonomy based on confidence and risk. The goal with agents is to automate the repetitive grunt work of context gathering that consumes valuable analyst time, but is difficult to handle with deterministic automation. Agents can now handle the initial alert assessment, dynamically adjust priorities based on context, and enrich alerts with threat intelligence before an analyst ever sees them. This progression happens in phases: the “crawl” phase involves simple enrichment/summarization, the “walk” phase involves agents applying reasoning models to make judgments about alerts, while the “run” phase extends that reasoning into automated containment and remediation actions for high-confidence scenarios.
The human role is fundamentally shifting from assessment to oversight. Traditionally, analysts spent 15 to 30 minutes per alert gathering context and deciding next steps—a time-consuming process that agents now handle far more efficiently. The analyst’s interaction moves upstream: instead of investigating every alert from scratch, they validate the agent’s work, provide additional context when the agent escalates uncertainty, and focus on the complex cases that genuinely require nuanced human judgment. At the highest level of autonomy, analysts transition from reviewing individual alerts to managing a team of agents, auditing their output weekly or monthly rather than operating in a constant triage cycle. The human remains in the loop, but the loop itself has changed—less time triaging alerts means more time improving detection logic, refining agent workflows, and addressing the novel threats that agents correctly escalate.
This balanced approach of autonomy with guardrails has emerged as the most successful path forward among CISOs and security practitioners. Agents handle the repetitive, time-intensive work of context gathering and initial assessment, freeing analysts to apply their expertise where it matters most. The productivity gains are substantial, but the model only works when agents earn trust through transparency, accuracy, and knowing when to escalate rather than conclude.
Focused Agents
The most successful agent deployments in 2025 followed a pattern that mirrors how human security teams actually operate: specialized agents working together, rather than a single generalist agent attempting to replace an entire analyst. The “Uber agent” that can handle every aspect of security operations doesn’t exist yet, and teams that have tried to build one have found that generalization comes at the cost of effectiveness. Instead, organizations are deploying focused agents with narrow, well-defined responsibilities—such as a CloudTrail analysis agent that specializes in AWS activity patterns or a detection-tuning agent that optimizes rule performance based on noisy alerts. Each agent becomes an expert in its domain, and collectively they make the SOC more effective.
This architecture enables transfer learning and feedback loops across the entire detection and response lifecycle. When the triage agent repeatedly escalates a specific alert pattern as benign, the detection tuning agent can adjust thresholds or add filters. These specialized agents working in concert create a system that learns and improves continuously, with each agent contributing expertise that compounds across the team. We can now deploy specialized agents, with coordination overhead handled programmatically rather than through meetings and handoffs.
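The triage-to-tuning feedback loop described above could look like the following added example (not code from the newsletter or from Panther). The rule ID, principals, verdict labels, thresholds, and proposal fields are constructed assumptions; proposals are queued for analyst approval rather than applied automatically.

```python
from collections import Counter, defaultdict

# Constructed triage history: (rule_id, principal, triage verdict).
TRIAGE_LOG = (
    [("s3_bulk_download", "svc-backup", "benign")] * 6
    + [("s3_bulk_download", "avery", "benign")] * 5
    + [("s3_bulk_download", "avery", "malicious")]
    + [("s3_bulk_download", "svc-etl", "benign")] * 2
    + [("s3_bulk_download", "svc-report", "benign")] * 4
    + [("s3_bulk_download", "svc-report", "inconclusive")] * 3
)

def propose_filters(log, min_samples=5, min_benign_ratio=0.9):
    """Propose rule filters for (rule, principal) pairs triage keeps closing as benign."""
    counts = defaultdict(Counter)
    for rule_id, principal, verdict in log:
        counts[(rule_id, principal)][verdict] += 1

    proposals = []
    for (rule_id, principal), verdicts in sorted(counts.items()):
        total = sum(verdicts.values())
        # Guard 1: a handful of benign closures is not a pattern yet.
        if total < min_samples:
            continue
        # Guard 2: one confirmed malicious hit blocks suppression outright,
        # otherwise tuning would create a blind spot for that principal.
        if verdicts["malicious"] > 0:
            continue
        # Guard 3: inconclusive verdicts dilute the ratio instead of being ignored.
        if verdicts["benign"] / total < min_benign_ratio:
            continue
        proposals.append({
            "rule_id": rule_id,
            "exclude_principal": principal,
            "benign_closures": verdicts["benign"],
            "status": "pending_analyst_approval",
        })
    return proposals
```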
Looking Ahead
The contrast between where we started in 2025 and where we ended is remarkable. Security teams entered the year cautiously experimenting with AI capabilities, unsure of what was hype and what was real. We’re closing the year with agents deployed in production, handling thousands of alerts, running investigations 80% faster, and proving their value in measurable ways. The foundational investments in data lakes, structured telemetry, and detection-as-code are paying dividends, making agents effective rather than just impressive demos.
The future of security operations is a blend of human expertise with agent capabilities. The teams succeeding are amplifying analyst knowledge by automating the repetitive context gathering, initial assessment, and routine response actions that consumed so much time. They’re building focused agents that work together like a well-coordinated team, with humans managing the agent team rather than drowning in alert queues. They’re prioritizing accuracy and transparency over speed, maintaining strict data privacy, and implementing autonomy with appropriate guardrails. The shift from traditional SIEM to agent-driven security operations isn’t complete, but the path forward is clear!






Strong synthesis on the focused agent pattern. The comparison to human team specialization nails why the monolithic approach fails, context depth in a narrow domain beats shallow generalization across everything. Autonomy with transparency through tool call logs solves the trust issue most teams face when moving from assisted investigation to autonomous containment.