AI and Human Analysts Team Up to Revolutionize Threat Detection
A hybrid defense model in Managed Detection and Response combines AI agents with human analysts for faster threat response and proactive security decisions.
A new hybrid defense model is emerging in Managed Detection and Response (MDR), where agentic AI enhances—not replaces—human analysts, enabling faster threat response and more proactive security decisions.
Redefining MDR: Humans and AI as Strategic Collaborators
As cyber threats grow more complex, security teams are under pressure to act faster. Leading MDR providers are deploying agentic AI—systems that pursue defined goals autonomously—as trusted collaborators. The future is not human vs. machine, but human with machine.
Dustin Hillard, CTO at eSentire, explains that AI now understands a customer’s threat surface and business priorities, helping determine what to patch or change to reduce risk. AI analyzes telemetry, correlates threats, and surfaces tailored recommendations, freeing analysts to validate results and drive action.
Building the Human-AI Partnership
The model’s effectiveness depends on how well AI is guided by human expertise. "AI doesn’t just spring into existence with all the answers," Hillard said. "It’s the goals we set, the context we provide, and the way we embed analyst expertise that shapes its behavior."
Key requirements for success:
- Shared goals, transparency, and trust between AI and humans.
- AI handles the first 90% of investigative workflows, while analysts focus on the final 10%, where judgment and creativity matter.
- Multi-signal analysis is critical—AI needs a full view of the attack surface to make credible recommendations.
Operationalizing the Hybrid Model
Hillard outlined three pillars for adoption:
- Rich telemetry: AI must access cross-environment data for meaningful insights.
- Codified expertise: Embed analyst knowledge into workflows to make it repeatable.
- Proactive use cases: Move beyond incident response to assess risk and make strategic recommendations.
The goal is to scale analyst expertise, not replace it. By combining human context with AI’s speed, MDR teams can respond faster and deliver higher-impact outcomes.
As Hillard put it, "It’s not just about automation—it’s about augmentation with purpose."
Related News
AWS extends Bedrock AgentCore Gateway to unify MCP servers for AI agents
AWS announces expanded Amazon Bedrock AgentCore Gateway support for MCP servers, enabling centralized management of AI agent tools across organizations.
CEOs Must Prioritize AI Investment Amid Rapid Change
Forward-thinking CEOs are focusing on AI investment, agile operations, and strategic growth to navigate disruption and lead competitively.
About the Author
Alex Thompson
AI Technology Editor
Senior technology editor specializing in AI and machine learning content creation for 8 years. Former technical editor at AI Magazine, now provides technical documentation and content strategy services for multiple AI companies. Excels at transforming complex AI technical concepts into accessible content.