Cybersecurity startup 7AI wants to address the skyrocketing number of security alerts that are overwhelming security teams and MSSPs. The startup will leverage its “swarming [AI] agents” that can take the load off security pros by autonomously handling repetitive tasks like triaging and investigating alerts and enriching signals.
The Boston-based company, which was founded last year and launched in February with $36 million in seed funding, will be at the Black Hat 2025 show next week in Las Vegas debuting various capabilities that make up its 7AI Agentic Security Platform.
The innovations include dynamic reasoning that enables AI agents to investigate novel alerts and determine the best approach in real-time, enterprise insights that use an organization’s “tribal knowledge” (including policies, approved software, and user roles) to eliminate false positives, and autonomous remediation, where users can authorize AI agents to take actions such as isolating compromised hosts or blocking malicious traffic to respond to alerts.
There are also new incident management capabilities that show a single view of related alerts as incidents for a better overall view of a threat.
Using AI to Defeat AI
The goal is to use AI agents – including reasoning, mission, and tools agents – for non-human tasks, freeing up human security pros to focus on higher-level priorities. It’s also another example of using AI to defeat AI, in this case the AI tools that threat actors are leveraging in their increasingly complex attacks.
“Security teams are buckling under the weight of alert volumes today,” Nate Burke, 7AI’s chief marketing officer, told MSSP Alert. “This isn't a future problem. After decades of trying to solve this with more people and better automation, we're still losing ground. Technology changes too fast, traditional automation requires constant care and feeding, and solutions that need to be rewritten every time attacks evolve simply aren't sustainable.”
Burke added that “false positives create a particularly vicious tax on already overburdened teams. Every alert demands attention because teams can't afford to miss a real threat. But a huge percentage of analyst time gets consumed investigating things we already know to be benign, if we just had the right context.”
Saving Time and Money
7AI’s agentic AI approach is having an effect, he said, noting that some users say they’re saving between 30 minutes and 2.5 hours per investigation. In April, the vendor said its agentic security platform had investigated more than 178,000 customer alerts and saved security teams more than 68,000 hours of work, or the equivalent of 334 full-time analyst years and more than $3.4 million in reclaimed productivity.
Security firm Cybereason wrote earlier this year that organizations are not only facing more sophisticated threats, from phishing to malware to ransomware, but also alert fatigue created by their growing numbers of security tools. A survey by Cybereason found that 16% of security operations center (SOC) pros admitted to handling only 50% to 59% of alerts they see every week.
On average, often-understaffed SOCs receive 500 investigation-worthy endpoint security alerts each week, with investigations consuming 65% of their time, the cybersecurity platform vendor wrote.
“The sheer volume of notifications has become so overwhelming that it is difficult to discern which ones are crucial, and there may not be enough resources or technology in place to effectively handle them all,” the company wrote. “As a result, critical warnings and indicators of potential cyber-attacks can easily go unnoticed or ignored, leaving organizations vulnerable.”
Running Autonomously at Machine Speed
7AI’s AI agents address the challenges presented by the high number of alerts by running at machine speed and not hitting capacity limits as the volume of alerts increases, Burke said.
Also, through enterprise insights, “our agents understand your organizational context,” he said. “They know that sales users can use a VPN, or know which file sharing services are allowed or banned. This contextual understanding gets injected in real-time during investigations, dramatically reducing false positives while ensuring nothing gets missed.”
Burke also noted that 7AI is in production at companies with hundreds of thousands of employees and that its AI agents shouldn’t be confused with AI chatbots or other AI tools – such as MCP servers – that have security questions surrounding them.
“Unlike experimental AI tools, 7AI agents are purpose-built for security with security in mind from day one,” he said. “Rather than building an open-ended conversational AI like ChatGPT, we deploy many single-purpose AI agents, each with a specific mission, reasoning framework, and constrained set of tools. This scoped approach eliminates the security risks you see with general-purpose AI that can be manipulated into unintended behaviors.”
When customers do want to use MCP servers – which are designed to allow AI agents to access external data sources – 7AI uses them with enterprise-grade security controls, “ensuring they operate within carefully defined boundaries and authorization policies,” he said. “Our agents can only perform actions that have been explicitly approved by your security team, regardless of the integration method.”
A New Service for MSSPs
MSSPs and MSPs also can use 7AI’s platform, both internally and as a service for customers, Burke said. The vendor is already working with several MSSPs and MSPs and will announce key partnerships in the coming weeks.
“These partners can leverage 7AI's autonomous agents to deliver faster, more accurate, and more cost-effective services than traditional approaches,” he said. “MSSPs and MSPs can deploy 7AI either as an efficiency multiplier for their existing operations or as a completely new revenue opportunity for enhanced service offerings, or both. The platform integrates seamlessly with their existing tool stacks and workflows.”