Ontinue First to Launch Agentic AI-Powered Incident Investigations

By Staff Writer, June 11, 2025
New Capability in ION MXDR Slashes Investigation Time by 50% and Helps Resolve 99.5% of Incidents Without the Need for Customer Involvement

Ontinue, a leading provider of AI-powered managed extended detection and response (MXDR) services and winner of the 2023 Microsoft Security Services Innovator of the Year award, announced it is the first Microsoft-focused MXDR provider to bring autonomous investigations to market. This groundbreaking technology transforms MXDR by scaling expert-level security analysis, accelerating investigations, and reducing customers’ SecOps burdens using Agentic AI.

Automation has long accelerated Tier 1 incident triage by handling repetitive tasks, helping defenders quickly resolve commonly seen incidents. Ontinue takes this further with autonomous investigations powered by Agentic AI, now live in production for every customer since December 2024. This innovation extends automation to Tier 2-level investigations. When an incident is escalated to the Ontinue Cyber Defense Center, a team of AI agents automatically aggregates telemetry, forms and tests hypotheses, and conducts a full investigation (work that would typically require a Tier 2/3 analyst), which is then passed to an Ontinue Cyber Defender. The result is a detailed summary with step-by-step logic, giving human defenders a head start in the race against attackers. This capability has cut mean time to investigate by up to 50% and enables Ontinue to resolve 99.5% of incidents without customer involvement, saving customer security teams hundreds of hours.

“Agentic AI doesn’t just evolve how we do security — it redefines it,” said Geoff Haydon, CEO of Ontinue. “Unlike traditional automation tools that follow prescriptive rule-based scripts, the generative nature of Agentic AI allows it to learn, reason, test, and adapt within the context of any given situation. It doesn’t just assist humans, it amplifies them. Autonomous investigations allow Ontinue’s Cyber Defenders to move faster, go deeper, and make more accurate decisions on behalf of customers. This is not an incremental innovation; it’s a fundamental leap forward in how MDR should be delivered.”

“Ontinue’s new autonomous investigation capability brings speed and precision to threat response,” said Thai Vong, Vice President of Technology and CIO (Acting) at ACR. “It cuts through the noise, focuses our attention on real issues, and reduces the burden on our internal team. That allows us to maintain strong security while keeping our focus on integration, operational efficiency, and growth. It’s a smarter, more scalable approach to cybersecurity—exactly what’s needed in a fast-moving, acquisition-driven environment.”

Solving MDR Scale Challenge

In an era of growing threat sophistication and talent shortages, customers need more than a managed service — they need an AI-augmented team.  Many MDR providers still rely on human-only models that can’t keep up with today’s volume, variety, and velocity of threats. Agentic AI helps Ontinue do what legacy MDR providers can’t. The new autonomous investigation capability ensures every alert is fully investigated with contextual depth across logs, identities, endpoints, and cloud environments. That means 24/7 expert-level analysis, action, and resolution — at scale.

“Since our inception, we have always viewed AI as a critical technology for overcoming the scale and speed limitations that legacy MDRs simply can’t address,” said Theus Hossmann, Chief Technology Officer at Ontinue. “Automation in security operations has always been limited to deterministic use cases – “if we see x, then do y” – which is useful, but only allows us to automate situations we can predict or have seen before. Novel, more complex incidents have traditionally been left up to humans to investigate because they require human-level reasoning and intuition, and as a result these are the incidents that take the most time to resolve. We took a multi-agentic approach when we built autonomous investigations into the ION SecOps platform which completely flips this paradigm on its head by allowing us to harness near human-level reasoning and creativity at machine speed. As attack surfaces continue to expand and new threats emerge faster than ever, the ability to automatically investigate complex, multi-dimensional incidents is essential.” 

Since introducing autonomous investigations in Ontinue ION MXDR, customers have realized significant benefits:

  • Mean time to investigate has been reduced by up to 50%
  • 99.5% of incidents are resolved without requiring customer involvement
  • Security teams have saved hundreds of hours they would have otherwise spent on manual investigations

Redefining MDR with Real-Time Collaboration and Agentic AI Automation

Ontinue launched the industry’s first Microsoft Teams-based collaboration model that enables real-time, direct engagement between customers and the Ontinue Cyber Defense Center for faster communication and decision-making during incident management. Smart Response further tailors the service to each organization by automating customizable rules of engagement and escalation paths that allow the ION MXDR service to seamlessly integrate into a customer’s desired operational model. Additionally, Ontinue introduced autonomous investigations powered by proprietary Agentic AI to accelerate investigations at scale. Every incident escalated to the Ontinue Cyber Defense Center is automatically investigated by ION IQ, the AI at the core of the ION MXDR service, before being passed to a human for further analysis. For each incident ION IQ uses Agentic AI to gather contextual information from disparate systems, form a hypothesis, develop an action plan for testing the hypothesis, conduct the investigation, and provide a detailed summary for review by one of Ontinue’s Cyber Defenders – all in a matter of minutes.

Industry analysts recognize the significance of this advancement. “Ontinue’s use of Agentic AI in its autonomous investigation represents a significant leap forward in managed detection & response capabilities,” said Cathy Huang, Research Director at IDC. “It enables a level of automation for the context gathering that was previously unattainable. This innovation not only improves the speed and consistency of threat detection, incident investigation but also empowers security teams to have a comprehensive understanding of each incident, leading to more informed decision-making and better business outcomes.”

Source: prnewswire



John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
