The security operations center is undergoing its most significant architectural shift since the introduction of SIEM a decade ago. Across Q4 2025, major vendors rolled out agentic AI capabilities that move security workflows from human-assisted automation to AI-driven decision-making with human oversight. The shift is not incremental. It represents a fundamental change in how threats are detected, investigated, and contained.
Microsoft Embeds Security Copilot in the Enterprise Stack
On November 18, 2025, Microsoft made Security Copilot available to all Microsoft 365 E5 customers, bundling 400 Security Compute Units per month for every 1,000 user licenses. The rollout included 12 new Microsoft-built agents spanning Defender, Entra, Intune, and Purview, alongside more than 30 partner-built agents that extend protection end-to-end.
Among the most notable additions: a Phishing Triage Agent that uses large language models to perform semantic analysis of emails, URLs, and files, determining whether submissions represent genuine threats or false alarms without relying on static rules. The agent learns from analyst feedback and adapts to organizational patterns over time, providing natural language explanations and visual decision maps for every verdict.
A Threat Intelligence Briefing Agent entered public preview, generating organization-specific briefings in minutes by reasoning over industry, geography, and attack surface attributes. Microsoft also launched the Microsoft Security Store, a marketplace for discovering, deploying, and purchasing Security Copilot agents and partner solutions.
SentinelOne Defines the Agentic SOC at OneCon 2025
At its OneCon 2025 conference on November 5, SentinelOne revealed its vision for what it calls the “agentic SOC,” where AI performs investigations and humans approve or reject findings. The centerpiece: Purple AI, now characterized as a “category-defining agentic AI security analyst” with several new capabilities in preview.
These include inline agentic auto-investigations with dynamic reasoning, automated investigations and response through integration with Singularity Hyperautomation, and agentic custom detection rule creation. SentinelOne also released Purple AI Model Context Protocol (MCP) Server as open source on GitHub, enabling third-party AI applications to interact with the platform.
CEO Tomer Weingarten framed the shift explicitly: the industry is moving from “human work assisted by AI” to “AI work approved by humans.” Purple AI reached a 40 percent attach rate on new licenses by late 2025, indicating strong enterprise demand for autonomous investigation capabilities.
SentinelOne further bolstered its AI security portfolio through 2025 acquisitions of Prompt Security and Observo AI, adding capabilities for securing enterprise AI deployments, including protection for employees using AI tools, AI code assistants, AI applications, and agentic AI systems.
CrowdStrike Expands Falcon’s Identity Perimeter
CrowdStrike completed its acquisition of Adaptive Shield, integrating SaaS security posture management into the Falcon platform. The acquisition, announced at Fal.Con Europe in November 2024 and closed in early 2025, gives CrowdStrike visibility into misconfigurations, human and non-human identities, and data exposures across more than 150 SaaS applications.
The integration positions CrowdStrike as the only vendor providing unified protection against identity-based attacks from on-premises Active Directory to cloud identity providers and SaaS applications through a single console. With cloud exploitation cases up 110 percent year over year and 75 percent of initial-access attacks now malware-free, the identity perimeter has become the primary battleground.
What Defenders Should Evaluate
Security leaders considering agentic AI should assess three dimensions. First, transparency: does the agent explain its reasoning in ways that analysts can verify and override? Second, feedback loops: does the system learn from analyst corrections to reduce false positives over time? Third, scope boundaries: can administrators constrain what actions the agent takes autonomously versus what requires human approval?
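The "AI work approved by humans" model above can be enforced as a policy gate in front of every action an agent proposes. The following is an added illustration, not code from any vendor named here; the policy schema, tiers, thresholds and action names are constructed assumptions. It covers all three dimensions: each decision carries verifiable reasons (transparency), analyst overrides tighten the bar for that action (feedback loop), and tiers plus per-action limits fix what may run autonomously (scope boundaries).

```python
from dataclasses import dataclass, field
from enum import Enum
class Mode(Enum):
    AUTONOMOUS = "autonomous"          # agent may act without a human
    NEEDS_APPROVAL = "needs_approval"  # queued for an analyst decision
    DENIED = "denied"                  # not an action the agent may propose at all

# Constructed policy (an assumption, not any vendor's schema): every action the agent
# may propose, its tier, and the conditions under which it may run without approval.
DEFAULT_POLICY = {
    "enrich_indicator":      {"tier": "read"},
    "close_alert_as_benign": {"tier": "verdict", "min_confidence": 0.95, "max_targets": 1},
    "quarantine_email":      {"tier": "contain", "min_confidence": 0.90, "max_targets": 5},
    "isolate_host":          {"tier": "contain", "min_confidence": 0.98, "max_targets": 1},
    "disable_user":          {"tier": "destructive"},
}
@dataclass
class Proposal:
    action: str
    confidence: float  # the agent's confidence in its own verdict, 0..1
    targets: list      # hosts, users or messages the action would touch
    rationale: str     # the agent's natural-language explanation
@dataclass
class Decision:
    mode: Mode
    reasons: list = field(default_factory=list)  # audit trail an analyst can verify
def gate(p: Proposal, policy: dict = DEFAULT_POLICY) -> Decision:
    """Decide whether a proposed action runs autonomously or waits for a human."""
    rule = policy.get(p.action)
    if rule is None:
        return Decision(Mode.DENIED, [f"action '{p.action}' is outside the agent's scope"])
    reasons = [f"tier={rule['tier']}", f"rationale: {p.rationale}"]
    if rule["tier"] == "read":
        return Decision(Mode.AUTONOMOUS, reasons)
    if rule["tier"] == "destructive":
        return Decision(Mode.NEEDS_APPROVAL, reasons + ["destructive tier always needs approval"])
    blockers = []
    if p.confidence < rule["min_confidence"]:
        blockers.append(f"confidence {p.confidence:.2f} below threshold {rule['min_confidence']:.2f}")
    if len(p.targets) > rule["max_targets"]:
        blockers.append(f"{len(p.targets)} targets exceeds max {rule['max_targets']}")
    return Decision(Mode.NEEDS_APPROVAL if blockers else Mode.AUTONOMOUS, reasons + blockers)

def apply_feedback(policy: dict, action: str, analyst_agreed: bool, step: float = 0.02) -> dict:
    """Feedback loop: an analyst override raises that action's bar; relaxing it stays a deliberate admin change."""
    updated = {k: dict(v) for k, v in policy.items()}  # copy so the live policy is untouched
    if not analyst_agreed and "min_confidence" in updated[action]:
        updated[action]["min_confidence"] = min(1.0, updated[action]["min_confidence"] + step)
    return updated
```

Every `Decision.reasons` list is what an analyst would see in the approval queue, so a rejected autonomous verdict can be traced to the exact threshold or limit that let it through.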
The vendors leading this shift are betting that autonomous investigation, not just faster alerting, is what will close the persistent skills gap in security operations. For defenders managing alert volumes that outstrip team capacity, this may represent the most practical path forward.