7AI Streamlines Security Operations With Autonomous AI Agents

The co-founders of EDR provider Cybereason have regrouped with a new security startup, 7AI, to help organizations shift repetitive and routine security tasks currently performed by human analysts onto AI. 7AI's Agentic AI Platform frees security professionals from time-consuming tasks such as triaging alerts, interpreting signals, correlating telemetry and hunting for known threats, says Lior Div, one of the co-founders.
Div and Yonatan Striem-Amit left Cybereason two years ago, after SoftBank took a majority stake in the company, and founded 7AI in April 2024. The startup, which emerged from stealth on Thursday, claimed over a dozen companies, mostly large and mid-sized enterprises, are already using its Agentic AI Platform. 7AI also received $36 million in seed funding from Greylock Partners, Spark Capital, and CRV.
Div describes agentic AI as "swarms of AI agents" capable of autonomously taking on routine security tasks. Unlike isolated generative AI agents, these swarms can enable autonomous operations by pooling and communicating their intelligence to investigate and prioritize threats while optimizing system resources. With a swarm of agents working in tandem, one agent could be configured to discover suspicious telemetry in an EDR system while another is configured to validate the potential threat by correlating cloud logs. Yet another agent could be configured to observe user behavior patterns in identity and access management (IAM) systems.
"Instead of spending their time on repetitive work to respond to alerts, our early customers are able to start their work with full context, drastically fewer false positives, and the results of full investigations," Div explained in a blog post announcing the company's new platform. The platform documents how each agent reached its conclusions, and human analysts can review that record at any time.
7AI's agentic AI capabilities, which are hosted in the Amazon Web Services cloud, are built with generative AI tools from both OpenAI and Anthropic. "When it comes to reasoning, we're using OpenAI," Div tells Dark Reading. "But when it's come to actually implementing and writing code, we're using Anthropic."
A Replacement for SOAR?
The platform is not designed to replace security administrators and analysts, but rather to take mundane tasks off their plates so they can allocate their time to more strategic functions. "AI will take away 90% of the boring, toiling work," Div says.
Besides handling repetitive tasks, 7AI's platform is designed to correlate telemetry without moving data into another system. For example, in a typical threat hunting scenario, the data would have to be pushed into a security information and event management (SIEM) system. Instead, 7AI correlates the information at its source. The platform can also detect threat activity and anomalies in IAM systems such as Okta, Div says.
"We believe our AI will meet the data where the data was born," he says. "You don't have to send a lot of those pieces to the SIEM anymore."
This could also reduce organizations' reliance on managed security service providers (MSSPs) or managed detection and response (MDR) providers, Div suggests.
"We don't think that you will need a SOAR once you have our system, because it will decide on the fly what is the right playbook to run and what type of investigation to conduct without the need for human beings to specify it step by step," Div says.
source: DarkReading