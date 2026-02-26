Securonix has introduced a new AI-driven operating model for security operations centres (SOCs) with the launch of “Sam”, an AI SOC analyst, alongside its Agentic Mesh orchestration framework. Developed in collaboration with Amazon Web Services (AWS), the offering is positioned to address rising alert volumes, analyst shortages and growing complexity in security monitoring environments.

The company said the new approach focuses on measuring AI impact through completed analyst workflows rather than traditional consumption-based metrics, reflecting a broader industry shift toward outcome-driven security operations.

AI-assisted SOC workflows

Sam, the AI SOC analyst, is designed to automate Tier 1 and Tier 2 operational tasks such as alert triage, investigation support, correlation and response preparation. Integrated within the company’s Unified Defence SIEM platform, the system aims to augment analyst teams by reducing repetitive workloads while maintaining human oversight through approval workflows and audit trails.

Security operations teams are increasingly exploring AI-driven automation as they face growing volumes of alerts and limited skilled resources. Analysts note that productivity-focused models are emerging as organisations look to demonstrate measurable value from AI deployments in regulated environments.

Agentic Mesh introduces governed orchestration

The Agentic Mesh framework acts as a coordination layer for specialised AI agents across detection, investigation, response and reporting tasks. Rather than functioning as a single assistant, the system is designed to maintain shared context and enforce enterprise policy controls across AI-assisted actions.

According to the company, governance and explainability are central to the design, with human-in-the-loop mechanisms enabling analysts to review and validate outcomes. The orchestration layer has been built using Amazon Bedrock technologies to support scalability and secure deployment within customer environments.

Focus on measurable outcomes and data efficiency

Alongside the new AI capabilities, Securonix introduced Data Pipeline Manager with Flex Consumption (DPM Flex), aimed at optimising how telemetry data is routed into security analytics workflows. The model prioritises analytical relevance over raw data volume, reflecting industry efforts to control SIEM costs as data pipelines expand.

Security leaders are increasingly under pressure to justify AI investments to executive stakeholders and regulators, prompting vendors to position AI in terms of productivity gains, governance and operational transparency rather than feature adoption alone.

The newly announced capabilities, including Sam, Agentic Mesh and DPM Flex, are available to Securonix customers globally.