AirMDR has introduced SOC Grader, an open-source tool intended to help security teams evaluate the quality of managed detection and response investigations as soon as cases are closed. The tool applies a published scoring rubric that measures whether an investigation includes a defined plan, supporting evidence, relevant context, clear rationale and actionable next steps. By turning case reviews into a structured and repeatable process, it allows organizations to identify weak investigations in minutes rather than discovering issues months into a contract cycle.

The release addresses a long-standing gap in how MDR services are assessed. Buyers have typically relied on speed-based service-level agreements while the depth and defensibility of casework remained difficult to measure. SOC Grader produces a score and detailed feedback for each investigation, highlighting missing evidence or incomplete analysis even when a case appears resolved. That visibility provides a more direct way to validate provider performance and reduces the risk of late-stage dissatisfaction that often leads to provider changes.

The same framework can be used for internal SOC operations. Managers can standardize how analysts are coached, extend reviews across a larger sample of cases and track improvement over time using consistent criteria. The rubric is customizable, allowing teams to adjust weighting and evaluation points to match their environment and risk posture. Deployment options include a self-hosted open-source version, a browser-based model that runs with customer-supplied API keys and a limited hosted audit, with case data remaining under customer control.

SOC Grader is available under an MIT license and can be modified to fit different operational models. By introducing a transparent method to score investigations, the tool shifts MDR evaluation from subjective review to evidence-based measurement and creates an ongoing feedback loop for both providers and in-house SOC teams.




