SECURITY
Security monitoring platform company Panther Labs Inc. today announced the general availability of its complete AI SOC Platform, a new security operations service where artificial intelligence agents continuously learn the patterns and risk profile of an organization and improve over time like a skilled coworker who gets sharper with experience.
The new AI SOC Platform sees AI agents embedded natively across the security operations lifecycle to democratize senior-level expertise, accelerate every critical security operations center workflow and consolidate siloed tools and scattered context into a single, continuously improving system.
Enterprise security teams have spent years trying to solve the same problem by adding more tools, more analysts and faster triage, resulting in growing alert volumes and false positives. Panther argues that the modern security stack wasn’t designed but was accumulated, with dozens of tools, each with its own narrow view of the environment, missing the context that would make it truly effective.
Panther’s new AI agents have native access to the data lake, detection engine and organizational knowledge to give them the full context needed to investigate thoroughly, act autonomously and incorporate every outcome back into the platform.
Key capabilities of the Panther AI SOC Platform include an AI Alert Triage Agent that autonomously investigates alerts by drawing on all available context — the data lake, historical alerts and detections — to deliver a clear risk classification with transparent reasoning. The agent learns the unique patterns and risk profile of each customer’s environment, auto-resolving noise and escalating only what matters.
Closed-loop detection tuning turns every triage outcome into a label that automatically tunes detection logic over time. An AI detection builder converts threat hypotheses described in natural language into production-ready Python detections, delivered as GitHub pull requests. Human review is required before deployment.
Other features include proactive threat coverage, with scheduled AI runs that analyze telemetry across the full data lake to surface threats beyond what prewritten rules cover, identifying gaps before they become incidents. In addition, the platform offers conversational investigation with natural language queries across all normalized log sources, with the ability to reference detection logic directly.
Contextual assembly via Model Context Protocol automatically pulls context from identity providers, ticketing systems, code repositories and internal documentation during every investigation. And controlled automation makes sure that every automated action is logged, reviewable and auditable.
Detections are written in Python, with detection logic, a SQL-queryable security data lake and structured schemas that give AI agents the ability to read, reason about and propose specific changes to detection rules.
In pre-full-release testing, Panther customers have seen a 90% reduction in investigation times within the first few months of deployment, 70% faster detection tuning and an 85% reduction in total alert volume.
“For years, the industry treated the SOC’s core challenge as a scale problem,” said founder and Chief Executive Jack Naglieri. “But scale was never the real constraint. The SOC has always demanded human judgment — knowing which signals matter, knowing what context to pull and where to find it, making the right call on a borderline alert.”
That expertise, Naglieri said, just didn’t scale. “Today, analysts aren’t doing the work. They’re guiding it,” he said. “Every decision they make gets encoded back into the platform, so the system learns how your team thinks and gets measurably smarter over time. That’s what closing the loop means.”
Panther has raised approximately $140 million in venture funding. Investors in the company include Coatue Management, ICONIQ Growth, Snowflake Ventures, Lightspeed Venture Partners LP, S28 Capital, Innovation Endeavors, Fathom Capital and 645 Ventures.