Exaforce Bets on Agentic AI to Reinvent the SOC

The security operations center (SOC) is one of the most stressed environments in enterprise IT. Analysts drown in data, alerts pile up faster than they can be triaged, and the ever-expanding attack surface—from SaaS to source code repositories—makes traditional tooling feel antiquated. Into this chaos steps Exaforce, a startup claiming it can remake the SOC by applying agentic AI across every stage of the lifecycle, not just alert triage.

Most AI security vendors stop at automating first-line analyst tasks. Exaforce says that’s far too narrow. Its new platform, unveiled today, combines a multi-model AI engine with modular “Exabot” agents to handle threat detection, investigations, hunting, and response as well. The company is also packaging the system two ways: as a SaaS product for organizations that want control, or as a fully managed MDR service for those looking to outsource operations.

“Exaforce goes far beyond the current implementations of AI analysts to build a truly next generation SOC platform,” said James Berthoty, founder of analyst firm Latio. “Unlike most existing players who are solving only small pieces of SOC optimization, Exaforce optimizes just about every area of the SOC with a massive data platform built for agentic optimizations.” Earlier this year, Latio named Exaforce the leader in its AI Security Report, underscoring that broad scope.

Why SOCs Are Cracking

SOC teams today face petabytes of telemetry streaming in from cloud services, identity providers, endpoints, and more. Traditional SIEMs and UEBA tools weren’t designed for this reality, and bolting on AI features has done little to fix systemic blind spots. Modern AI SOC entrants tend to lean heavily on large language models, but limit their focus to tasks like summarizing alerts—leaving deeper functions like detection engineering and coordinated response still dependent on human effort.

Exaforce wants to shatter that piecemeal approach. Its platform blends LLM-based reasoning with behavioral analytics, contextual understanding of cloud and identity data, and automation workflows that can execute remediations in real time. Think less “copilot” and more “Tier-3 analyst on demand.”

“At Exaforce, we believe the real promise of AI is to democratize security operations, so every organization, no matter its size or resources, can defend itself with the same confidence as the world’s largest enterprises,” said Ankur Singla, co-founder and CEO of Exaforce.

A Unified AI SOC

The company is pitching four critical pillars:

• Threat detection across IaaS and SaaS, without constant rule-writing.

• Alert triage that reduces false positives and enriches alerts with investigation-ready context.

• Threat hunting and investigations accelerated by AI copilots that map attack paths in minutes.

• Response orchestration where automated agents reset MFA, disable devices, or even confirm actions with end users.

Raghuraman Sethuraman, VP of Engineering at Automation Anywhere, says Exaforce has already halved his team’s investigation workload. “It closed critical gaps in SaaS detection and response where native capabilities fall short, and its agentic workflows have cut investigation effort by approximately 50%, freeing our team to focus on the strategic threats that matter the most,” he said.

Flexibility and Traction

Exaforce’s model is unusual in that it offers both SaaS and MDR delivery with identical AI underpinnings. SaaS customers get full control and regional data residency; MDR customers get outsourced operations that still leverage the platform’s AI agents. Either way, Exaforce claims deployment takes hours, not months.

The company has already signed customers in industries ranging from financial services to energy, including Accton, NTT Data, Commonwealth Fusion Systems, and Invisible Technologies. Its backers include Khosla Ventures, Mayfield, and Thomvest Ventures—a roster that suggests serious growth ambitions.

The Bigger Picture

The agentic SOC idea plays directly into the current debate about AI’s role in cybersecurity. Is it just an efficiency tool for overwhelmed analysts, or a way to fundamentally re-architect operations? Exaforce is betting on the latter. If its platform can live up to the promise of “Tier-3 expertise at machine scale,” the definition of a modern SOC could shift from a human-first command center to an AI-driven engine where humans handle only the edge cases.

For now, the pitch is audacious. But if early adopters’ results hold, Exaforce may have just set the bar for what “AI in the SOC” really means.