Cybersecurity company Andesite is rolling out its platform for security operations centers (SOCs) that is based on what executives are calling a tight collaboration between human security pros and AI, and the two-year-old startup now has another $23 million to invest in the technology and grow its reach.
The company’s bionic SOC, which is now generally available, is designed to deliver much-needed help to organizations’ cybersecurity teams, which are being overwhelmed by the skyrocketing number of alerts and indicators being generated by a security setup that often involves cobbled-together tools and portals.
The new offering comes as more organizations are either turning to MSSPs and MSPs to outsource their security operations or adopt hybrid models, with MSSPs working with SOC teams, according to Andesite co-founder and CEO Brian Carbaugh.
As the McLean, Virginia-based company grows its business and expands its portfolio, MSSPs will play a larger role, Carbaugh told MSSP Alert in an email.
“The persistent shortage of qualified cybersecurity professionals makes it difficult for companies to build and maintain in-house security teams, driving them toward these co-managed models like MSSPs,” he said. “As we accelerate our mission of augmenting SOCs, MSSPs and MSPs will be critical partners.”
Complexities Swamping SOCs
SOC analysts are juggling as many as 100 security tools, he said, adding that “this fragmentation has led to widespread burnout and operational inefficiency, with skilled team members spending most of their time on menial tasks instead of meaningful threat hunting.”
The growing use by bad actors of AI for their attacks are adding to the challenges, helping to create an environment where previous attempts at automating SOC functions have stumbled because such systems – built atop structured data and rigid rules – can’t address that complexity of the threat landscape or all of the unstructured data holding critical security insights, the CEO said.
According to Andesite numbers, only 37% of SOCs’ time is spent investigating high-priority threats.
Roles for Both Humans and AI
Bionic SOC is aimed at letting humans and AI do what each does best. The AI tool aggregates data from across distributed IT environments, and automation capabilities streamline workflows that span threat intelligence to response, bringing insights to analysts and enhancing security operations. There is full visibility into the decisions made by the AI-based systems, data is kept safe and isn’t used to train other AI models, and compliance with standards like SOC 2 Type 1, NIST 800-53, and NIST CSF is built in.
Shifting such tasks onto AI takes those burdens off humans, Carbaugh said.
“Our bionic SOC product, where AI handles the heavy lifting of data aggregation and correlation across disparate systems, frees SOC analysts to focus on what they do best: hunting threats and making critical security decisions,” he said, adding that the human-AI collaboration is the cornerstone of effective security operations.
“Our approach centers on creating a true partnership between analysts and AI, where each enhances the other's capabilities,” Carbaugh said. “We recognize that security analysts bring irreplaceable skills to the table: their intuitive pattern recognition, creative thinking, and ability to turn insights into action are crucial to effective security operations.”
Transparency in the decision-making done by the AI systems is also key. Analysts must justify their actions, so they need to trust the reasoning behind the recommendations being made by being able to trace and validate what those systems do. This is something fundamental in highly regulated industries like financial services and healthcare.
“The SOC manager, CISO, and analysts can verify the work and have greater confidence in the conclusions, providing peace of mind across the SOC,” he said.
Getting a Financial Boost
The $23 million in seed funding from General Catalyst and Red Cell Partners will help Andesite ramp up its operations and build up its capabilities. The new funding brings to $38.25 million the amount the vendor has gathered from seed funding.
It could be boon to the company, whose technology is aimed at a global SOC market that Future Market Insights say should grow from $80.3 million last year to $217.9 million by 2034.
"We're using the capital to scale our engineering and implementation resources, making sure everyone from the analysts using our product to the CISOs making the buying decisions sees immediate value,” Carbaugh said. “That means maintaining high uptime SLAs and investing in enterprise-ready security and compliance standards like SOC 2 and NIST frameworks for cybersecurity and AI."
