MSSP, MDR, Threat Management, SOC

Deepwatch Introduces NEXA: A Collaborative Agentic AI Ecosystem Transforming MDR Operations

AI auditing faulty programming code, detecting anomalies, insecure logic, and suggesting corrections in a humorous and flawed code example.

Deepwatch has launched NEXA, a collaborative agentic AI ecosystem that reimagines how Managed Detection and Response (MDR) teams and customers work together. Unlike traditional AI-assisted automation that focuses mainly on efficiency within the SOC, NEXA combines six intelligent agents designed to unify operations, visibility, and decision-making across both security and business functions.

Sam Kumarsamy, Senior Director at Deepwatch, told MSSP Alert that the difference lies in how NEXA merges AI-driven automation with human collaboration:

“AI-assisted SOC automation is specifically focused on enhancing the MDR provider’s SOC analysts’ productivity by automating alert search and triage tasks. This typically entails automating Tier 1 and Tier 2 support using agents,” said Kumarsamy.

“The NEXA Agentic AI Ecosystem, in addition to providing the three SOC analyst agents - Investigative, Narrative, and Response - to detect, investigate, and remediate threats faster, also provides three collaborative agents to enhance the customer experience.”

Those three new agents, the CTEM Agent, Detection Analyzer Agent, and Ticket Analyzer Agent, extend AI capabilities beyond the SOC, improving transparency and proactive defense. As Kumarsamy explained, “These customer agents work collaboratively to proactively reduce risk and strengthen the security posture of any organization, always keeping humans in the loop. Organizations can stop threats before they become incidents.”

Bringing Customers into the Security Conversation

One of NEXA’s most practical innovations is how it changes customer interaction. Rather than relying on technical dashboards or SQL queries, customers can communicate directly with the system in natural language.

Kumarsamy noted that NEXA’s customer-facing agents democratize access to intelligence across the organization:

“Both business and technical leaders can interact with the customer-facing agents by asking questions in plain English without expertise in any specific query language and get responses in seconds—such as the material impact of exposures, what detections are applied to a specific exploit, and the summary status of tickets and response recommendations.”

He added that this accessibility doesn’t remove human oversight: “In each of these decisions, humans are involved in validating the accuracy of the results and decision-making, such as approval of host or endpoint isolation.”

This approach ensures that AI remains a collaborative partner rather than an unchecked decision-maker - building confidence and trust across stakeholders.

Aligning Detection Frameworks with Business Impact

As enterprises and MSSPs increasingly standardize on frameworks like MITRE ATT&CK and CTEM (Continuous Threat Exposure Management), NEXA’s integration strategy aligns detection capabilities with measurable business outcomes.

Kumarsamy explained how this integration works in practice:

“NEXA is purpose-built to seamlessly map detections with existing frameworks like MITRE and CTEM. It also integrates with pre-built detection and response workflows such as EDR, where an automated response to an infected endpoint might be to isolate it from the network.”

He continued, “The CTEM agent takes technical metrics like threat exposures in assets and determines their business impact on material risk that the executives and the board care about and can act upon. This helps an organization proactively reduce risk and improve its security posture against threats.”

By bridging technical data with business context, NEXA provides shared visibility across teams - translating detections into risk insights that executives can use to make informed decisions.

With NEXA, Deepwatch is positioning itself at the intersection of human expertise and agentic AI. Its six interconnected agents bring clarity, speed, and shared intelligence to the entire security lifecycle - making collaboration, not automation, the driving force behind faster threat resolution and stronger posture management.

Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds