Intezer Launches SOC Operating Layer for AI Agents -- Security Today

Advanced Security Operations Center with CCTV Monitoring Wall

Intezer Launches SOC Operating Layer for AI Agents

The protocol integration provides frontier AI models with direct access to normalized forensic data to accelerate cybersecurity triage.

By Jesse Jacobs
Jun 22, 2026

A new software framework aims to help enterprise organizations integrate generative artificial intelligence into their security operations centers.

Intezer announced a redesigned Model Context Protocol server developed to supply autonomous tools with structured security context. The integration provides frontier AI assistants, including Anthropic Claude, OpenAI Codex and Cursor, with direct access to forensic data gathered from the automated triage of network alerts.

Plugging generative AI platforms directly into raw security detection feeds often yields inconsistent and unreliable outcomes, while building custom data pipelines remains cost-prohibitive for many enterprises. The new operating layer is designed to act as a system of record, collecting and normalizing data across various security layers before the information reaches the AI workspace.

The system ingests alerts from endpoint detection and response, network detection and response, security information and event management, identity, cloud and email security platforms. It then executes forensic analysis to deliver automated verdicts. According to company data, the autonomous layer handles the initial volume to scale down data feeds, allowing connected AI models to inherit historical context when executing response actions or generating incident reports.

By routing data through a unified protocol layer rather than individual tool connectors, security teams can use the connected AI models to write automated tuning rules for false positives, cross-reference user login histories during anomalous travel alerts and sweep enterprise networks for newly discovered threat indicators.

The integration architecture is currently available to existing customers, allowing organizations to maintain localized ownership of case histories, triage logic and internal detection rules within their own network instances.

About the Author

Jesse Jacobs is assistant editor of SecurityToday.com.

Featured

Intezer Launches SOC Operating Layer for AI Agents

The protocol integration provides frontier AI models with direct access to normalized forensic data to accelerate cybersecurity triage. Read Now
The Rise of the Unmanned Business: How Access Control Shapes the Future of Operations

Modern access control has evolved from a security lock into an automated business operations engine, enabling around-the-clock unstaffed fitness centers, coworking spaces, and retail hubs. Read Now
- Access Control
- Facility Security
- Building Automation
Moving Down the Street

A short-distance relocation to a streamlined executive office anchors a remote-first hybrid work model, a 40% growth projection and upcoming smart security acquisitions. Read Now
- Dealers and Integrators
- Corporate
- Integrated Home
Enterprise Identity Management Flaws Expose Cyber Vulnerabilities

A joint study by the FIDO Alliance and HID reveals a sharp disconnect between perceived security readiness and actual access revocation failures. Read Now
Holistic Operational Orchestration Replaces Fragmented Physical Security Contracts

Static guarding models are giving way to agile, hybrid security ecosystems that blend edge AI analytics, mobile patrols and real-time dashboard tracking. Read Now
- Physical Security
- Artificial Intelligence
- Risk Management

Artificial Intelligence

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.
HD2055 Modular Barricade

Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.