AI and Human Analysts Team Up to Revolutionize Threat Detection
A hybrid defense model in Managed Detection and Response combines AI agents with human analysts for faster threat response and proactive security decisions.
A new hybrid defense model is emerging in Managed Detection and Response (MDR), where agentic AI enhances—not replaces—human analysts, enabling faster threat response and more proactive security decisions.
Redefining MDR: Humans and AI as Strategic Collaborators
As cyber threats grow more complex, security teams are under pressure to act faster. Leading MDR providers are deploying agentic AI—systems that pursue defined goals autonomously—as trusted collaborators. The future is not human vs. machine, but human with machine.
Dustin Hillard, CTO at eSentire, explains that AI now understands a customer’s threat surface and business priorities, helping determine what to patch or change to reduce risk. AI analyzes telemetry, correlates threats, and surfaces tailored recommendations, freeing analysts to validate results and drive action.
Building the Human-AI Partnership
The model’s effectiveness depends on how well AI is guided by human expertise. "AI doesn’t just spring into existence with all the answers," Hillard said. "It’s the goals we set, the context we provide, and the way we embed analyst expertise that shapes its behavior."
Key requirements for success:
- Shared goals, transparency, and trust between AI and humans.
- AI handles the first 90% of investigative workflows, while analysts focus on the final 10%, where judgment and creativity matter.
- Multi-signal analysis is critical—AI needs a full view of the attack surface to make credible recommendations.
Operationalizing the Hybrid Model
Hillard outlined three pillars for adoption:
- Rich telemetry: AI must access cross-environment data for meaningful insights.
- Codified expertise: Embed analyst knowledge into workflows to make it repeatable.
- Proactive use cases: Move beyond incident response to assess risk and make strategic recommendations.
The goal is to scale analyst expertise, not replace it. By combining human context with AI’s speed, MDR teams can respond faster and deliver higher-impact outcomes.
As Hillard put it, "It’s not just about automation—it’s about augmentation with purpose."
Related News
Zscaler CAIO on securing AI agents and blending rule-based with generative models
Claudionor Coelho Jr, Chief AI Officer at Zscaler, discusses AI's rapid evolution, cybersecurity challenges, and combining rule-based reasoning with generative models for enterprise transformation.
Lenovo Wins Frost Sullivan 2025 Asia-Pacific AI Services Leadership Award
Lenovo earns Frost Sullivan's 2025 Asia-Pacific AI Services Customer Value Leadership Recognition for its value-driven innovation and real-world AI impact.
About the Author
Alex Thompson
AI Technology Editor
Senior technology editor specializing in AI and machine learning content creation for 8 years. Former technical editor at AI Magazine, now provides technical documentation and content strategy services for multiple AI companies. Excels at transforming complex AI technical concepts into accessible content.