- Correlates SIEM alerts, maps them to MITRE ATT&CK techniques, and prioritizes — every enrichment explained and every step replayable.
- Observability
Alert triage and response — with bounded autonomy.
SOC agents triage alerts and drive response across SIEM/SOAR with bounded autonomy. Containment actions are gated, autonomy can only tighten the risk floor it can never weaken, and every step is replayable — so the agent that fights at machine speed still can't act beyond its leash.
Aligned with MITRE ATT&CK · ISO 27001 · SOC 2 · NIST AI RMF
An autonomous responder is only safe if it can't overreach.
Security automation has to move fast, but an agent that can isolate a host, disable an account, or block a range can also take down production if it's wrong. The risk is a powerful actor acting beyond its mandate. Cortex bounds the autonomy: containment is a gated action, the risk floor can only tighten, detection & response watches the agents themselves, and every step is replayable.
Triage at machine speed, response on a leash.
Each agent runs under an oversight mode with a risk floor; containment threads through the Action Fabric, and detection & response watches the agents themselves.
- Drives SOAR playbooks as Action Fabric actions; high-impact containment (isolate host, disable account) pends for approval before it fires.
- Action Fabric
- The oversight mode sets a risk floor the agent can only tighten — autonomy can make a decision stricter, never weaker than the action's own gate.
- Oversight modes
- Watches the agents themselves for suspicious prompts, tool misuse, cost spikes, and repeated denials — and contains a misbehaving agent automatically.
- Agent Detection & Response
- Every triage and response step is sealed into a hash-chained record with full lineage — replay the whole incident for the post-mortem or the auditor.
- Trust Ledger
The agent can tighten the risk gate — it can never loosen it.
Every action carries its own risk floor; an agent's oversight mode can make the decision stricter but never weaker. So even an autonomous responder can't auto-fire a high-impact containment — that action's floor holds it for approval, and detection & response is watching the agent the whole time.
- Oversight mode can only tighten the action's risk floor — never weaken it
- High-impact containment (isolate host, disable account) pends for approval
- Agent detection & response auto-contains a misbehaving agent
- Every triage and response step replayable from the sealed lineage
The verdicts an incident commander will see.
These are the literal runtime responses — autonomy never lets a high-impact action skip its gate.
- 01
Model the domain
Map the work to typed ontology objects — Alert, Incident, Asset, Identity, Containment — with restricted fields like credential / secret locked at the property level.
- 02
Encode the rules
Translate the obligations above into Policy-as-Code and Action Fabric approvals — the gates fail closed, returning a precise code, not a guess.
- 03
Prove the outcome
Every run lands in a hash-chained Trust Ledger with signed receipts and 10-hop provenance — a record you can hand the regulator.
The controls behind security operations.
The same shared runtime powers every vertical — here are the capabilities and the Solution Pack this industry composes from.
Oversight modes
Set a risk floor autonomy can only tighten — bounded response by design.
Action Fabric
Containment runs as gated, compensatable actions with approval thresholds.
Security & ADR
Detection & response watches the agents themselves and auto-contains.
Trust Ledger
Replay any incident step-by-step from the sealed, hash-chained lineage.
Control Tower
Watch every responder live and pause the fleet with one kill switch.
Trust Center
Map bounded autonomy and replay to ISO 27001 and NIST AI RMF.
Govern the agents that defend you — not just the threats.
Bounded autonomy, agent detection & response, action gating, and replay are shared across triage and response — so the responder that fights at machine speed still can't act beyond its leash. Aligned with, never claiming certification you don't hold.
AI agents for security operations — questions, answered.
Can an AI security agent isolate a host or disable an account on its own?
Only if the action's risk floor permits it. High-impact containment carries a floor that holds it for human approval; an agent's oversight mode can tighten that gate but never weaken it, so an autonomous responder still can't auto-fire a damaging action.
What is bounded autonomy in Cortex?
Every action has its own risk floor, and an agent's oversight mode can only make decisions stricter than that floor — never weaker. Autonomy speeds up the safe work while the dangerous work stays gated.
How does Cortex protect against a compromised or misbehaving agent?
Agent detection & response watches the agents themselves for suspicious prompts, tool misuse, unusual data access, cost spikes, exfiltration, and repeated denials — and automatically contains the agent by pausing, disabling, or revoking it.
Can we replay an incident for a post-mortem?
Yes. Every triage and response step is sealed into a hash-chained ledger with full 10-hop lineage, so the entire incident can be replayed for a post-mortem or an auditor.
One governed runtime, every regulated vertical.
The controls are the same — the obligations they satisfy differ. Explore another vertical, or see the full set.
Respond at machine speed — without acting beyond the leash.
See the autonomy dial, the risk floor, and the agent detection & response that bounds every SOC agent.