Swimlane Inc., which provides agentic artificial intelligence automation for cybersecurity, today announced a new role in its security analyst playbook with an AI security operations center operated by proactive agents instead of reactive assistants.

The company said the new AI SOC represents a shift in security thinking by putting “deep agents” in the trenches where they handle the cognitive load, but remain auditable and transparent, keeping enterprises and startups prepared for what’s coming.

“Deep agents tackle tough, complex problems with methodical reasoning, while expert agents quickly handle specific, skilled tasks,” said co-founder and Chief Executive Cody Cornell.

The new solution comes with more than 100 knowledge base articles out-of-the-box rooted in best practices and organizational context. The underlying network of agents provides its own guardrails for trustworthy action at scale and customers maintain complete control to review, modify and rebuild AI-generated plans and workflows. The company says every action is explainable and auditable.

“With Swimlane AI SOC, we’re augmenting our analysts with intelligent automation that improves efficiency, sharpens focus and strengthens our ability to proactively counter cyberthreats,” said LeAnn Cary, vice president and practice leader of cybersecurity solutions integrator Optiv Security Inc.’s Advanced Fusion Center.

AI agents moving into security faster than ever

When large language models first entered the scene, they provided a breakthrough in security thinking. They could quickly take big-data analysis of anomalies and patterns in unstructured data and sift through it to “see” unlikely or stand-out behaviors in traffic that didn’t fit.

However, the first uses of large language models began as assistants, which were conversational interfaces and analysis tools set atop existing security instrumentation used as a layer, running only when called on. The advent of agents has provided autonomy, an always-on capability that makes LLMs the “brain” of a monitor. That enables them quickly to discover ongoing events, identify vulnerabilities, alert experts and explain why something requires attention — or take instant action if permitted.

Agents are being built by fast-moving startups and enterprise veterans alike. For example, Microsoft Corp.’s Sentinel, the company’s cloud-native security operations platform, leaned heavily into AI and agentic AI in 2025. Google LLC launched Agentic Threat Intelligence, a conversational AI platform that acts as a virtual teammate capable of sourcing data and insights from vast pools of data.

Startups Simbian Inc. and Dropzone AI Inc. build agentic AI to assist companies in providing autonomous security, adapt to diverse information technology environments, handling potential breaches and managing security tools.

The pace at which AI capabilities are expanding for defense continues to expand even as attackers harness it in a paradigm known as the Red Queen’s race, posited by English author Lewis Carroll — where both sides evolve to stay in the same spot.

“We’ve built the foundation for enterprise-grade deep agents that operate autonomously, reliably, and at real scale,” said Srikant Vissamsetti, chief operating officer at Swimlane.

The company said the offering comes with two primary agents: an investigation and response agent and a playbook generator agent.

Together, they allow tool calling, Model Context Protocol access, graph and feedback loop visibility, reasoning and memory. Security teams can use them to construct investigations and knowledge base articles, get human review, and then let playbooks run with rapid responses at the edge, catching attacks as they come.

“AI SOC isn’t just a product, it’s a new operating model for how organizations defend, scale and stay ahead of tomorrow’s threats,” said Vissamsetti.

Image: SiliconANGLE/Ideogram