AI Security Ops Cut Alert Response to Two Minutes

March 16, 2026

Published: March 16, 2026 at 12:56 AM

Updated: March 16, 2026 at 12:56 AM

100-word summary

A new UnderDefense report claims AI-driven security operations centers are hitting 2-minute alert-to-triage times and escalating critical incidents in 15 minutes, based on data from 500+ managed detection clients. That's fast enough to stop ransomware before encryption spreads beyond the first handful of files. The catch? The benchmarks come from the vendor's own deployments, not independent auditors. UnderDefense also reports detecting threats two days faster than CrowdStrike OverWatch and a perfect ransomware-prevention record across its client base. If the numbers hold, the shift from human-first to AI-first triage isn't just faster, it's redefining what "real-time" threat response actually means.
