Ontinue has launched a new agentic AI capability within its ION MXDR platform, enabling fully autonomous handling of Tier 2-level incident investigations, reports SiliconANGLE. This marks a shift in how escalated alerts, those requiring deeper analysis across multiple systems—are addressed, particularly for organizations using Microsoft environments. The agentic AI capability, live since December and now widely available, aims to streamline investigation workflows without relying heavily on human analysts.The AI operates by aggregating telemetry, generating hypotheses, and conducting investigations that previously required Tier 2 or 3 analysts. It then delivers a structured output that includes reasoning steps and suggested actions, which Ontinue’s human experts validate. This approach is designed to reduce mean time to investigate incidents while keeping security operations teams focused on high-priority tasks.The broader objective is to help overcome scale challenges that managed detection and response (MDR) providers often face. As threat volumes grow and cybersecurity staffing gaps widen, Ontinue’s approach combines automation with human oversight. The AI handles routine and contextual analysis at speed, reserving human input for decisions that require judgment or escalation.Ontinue’s platform already automated Tier 1 triage. With the addition of agentic AI, automation now spans deeper into the lifecycle of threat response. The intelligence layer, ION IQ, draws from a broad set of contextual signals, logs, identities, endpoints, and cloud systems, to support AI-driven investigations. This allows the system to adapt dynamically to new and complex attack patterns.
