Automation

Intezer Launches Custom Agents for SOC Workflow Automation

Security teams can now build their own AI agents to automate repetitive investigation tasks, report generation, and SOC routines using natural language.

Omega Editorial· July 3, 2026· 2 min read

SOC teams gain custom automation capabilities

Intezer has introduced Custom Agents, a feature enabling security operations teams to create their own AI agents within the Intezer platform for automating organization-specific security workflows. The capability extends Intezer's existing autonomous agent framework, which already handles alert triage and investigation at scale.

The company's platform currently processes 100 percent of incoming alerts autonomously, escalating fewer than 2 percent to human analysts for review. Custom Agents builds on this foundation by allowing teams to automate additional tasks unique to their security environment, from incident report generation to detection rule tuning.

Addressing repetitive SOC work

Intezer developed Custom Agents after analyzing how security teams used the platform's AI chat feature. The company discovered that more than one-third of conversations involved identical repetitive requests. These recurring patterns revealed opportunities to convert manual workflows into automated agents.

Current Intezer customers are deploying custom agents for several operational tasks. Teams are automating incident report writing tailored to their specific formats and compliance requirements. Others use agents to generate recommendations for tuning detection rules based on triage verdicts. Proactive threat hunting workflows have also been converted into automated agent tasks.

Natural language agent creation

Security teams create Custom Agents using natural language descriptions rather than code. Teams specify the desired task, define execution triggers—whether scheduled, event-driven such as case closure, or on-demand—and select which tools the agent can access.

The agents operate across integrated security infrastructure, combining Intezer's native toolset with connected platforms including CrowdStrike, SentinelOne, Splunk, Microsoft Sentinel, and Entra ID. Agents can update case records, add comments, close investigations, and distribute completed reports via email.

Why it matters

Security operations centers face mounting pressure from alert volume and increasingly sophisticated threats. While many platforms offer pre-built automation playbooks, Custom Agents addresses a different challenge: the organization-specific workflows that consume analyst time but don't fit standard automation templates. By enabling teams to codify their unique processes as agents, Intezer is tackling the long tail of repetitive work that typically remains manual. This approach could significantly reduce the operational burden on SOC teams while maintaining consistency in how custom procedures are executed.

According to Itai Tevet, CEO of Intezer, the feature gives customers control over automating their distinct workflows while leveraging the same autonomous engine that powers core SOC operations.

These details were first reported by Help Net Security.

#soc automation#ai agents#security operations#intezer#threat detection#workflow automation

This is an original analysis by the Omega editorial team. Source reporting: Automation Watch.

Want systems like this working for your business?

Book a Call

More in Automation

Automation· 3 min read

Jungheinrich invests in Navflex to automate truck loading

The intralogistics giant is tackling one of warehousing's most stubborn manual processes with autonomous vehicle technology designed for the loading dock.

Via Automation Watch · Jul 3, 2026
Automation· 3 min read

Home Assistant 2026.7 Simplifies Automations With Plain Language

The open-source smart home platform eliminates technical jargon from automation setup and adds visual activity tracking.

Via Automation Watch · Jul 3, 2026
Automation· 2 min read

Power Automate Roadmap Embraces AI Without Abandoning RPA

Microsoft's automation platform serves 15 million users by positioning deterministic workflows and AI-driven capabilities as complementary, not competing.

Via Automation Watch · Jul 3, 2026