The AI SOC Is Real. Most of the Numbers Sold With It Are Not

Microsoft says its agents automate 75% of phishing and malware investigations. That's real, and it's vendor-reported. Meanwhile the Gartner stat, the false-positive rate, and the SOC cost comparison everyone quotes trace back to nothing at all. Here's how to tell the difference.

Usman Akram · · 6 min read

I went looking for the evidence behind agentic security operations, expecting to write a straightforward explainer. What I found instead was that the technology is real and a large share of the statistics used to sell it are not.

Both halves of that matter, so let me do them in order.

The part that is real

Microsoft defines the agentic SOC as an operating model that shifts security from reacting to incidents toward anticipating how attackers move and actively reshaping the environment to cut off their paths. That is a genuine architectural idea, not a slogan.

And they put numbers on it. In live environments, Microsoft says, its agents automate 75% of phishing and malware investigations. Attacks like ransomware are disrupted in an average of three minutes, with tens of thousands contained monthly by isolating compromised users and devices before lateral movement takes hold, at what they describe as a 99.99% confidence rating.

In July 2026, CyberProof launched an agentic managed detection and response service claiming it autonomously handles up to two-thirds of security investigations.

These are substantial claims and I have no reason to think they are dishonest. But notice what they are: vendor self-reported product metrics. Microsoft measuring Microsoft. CyberProof describing CyberProof. There is no independent evaluation here, no published methodology, and "up to two thirds" is a ceiling rather than an average, which is a distinction marketing departments understand very well.

That does not make them worthless. It makes them evidence of a particular kind, and you should read them the way you read a vendor benchmark: directionally informative, precisely unreliable.

The part that is invented

Here is where it gets irritating. Three statistics show up in nearly every article about the AI SOC, and I could not substantiate any of them.

"Gartner predicts 50% of SOCs will deploy AI-based decision support by 2026." No Gartner source contains this. It appears only on vendor pages citing each other. Gartner's actual public predictions in this space are worded differently and target different years, such as AI driving 50% of incident response efforts by 2028. Gartner has also published a note titled "Predict 2025: There Will Never Be an Autonomous SOC," which is almost exactly the opposite of the posture the fake stat is used to support. Somebody invented a Gartner prediction and the industry has been laundering it ever since.

"80% to 95% of alerts in a manual SOC are false positives." Every figure I could trace to a named study is lower, and they contradict each other: one SOC performance report lands around 53%, a Microsoft figure sits near 46%. The famous "99%" comes from a qualitative academic paper where it was an analyst's remark in an interview, not a measured population rate. The truthful version is boring: false-positive rates vary hugely by environment and nobody credible supports that band.

"An in-house 24/7 SOC costs $2.5M to $4M a year versus roughly $132K to $180K for AI-augmented managed detection at 1,000 endpoints." This one is my favourite, because the precision is the tell. Every source is a vendor, an MSP, or an affiliate lead-generation page, and they do not agree with each other. In-house SOC estimates range from $1.4M to $3.5M depending on who is selling. Managed detection at 1,000 endpoints is quoted anywhere from $96K to $300K. The specific $132K to $180K band appears to have been made up and then repeated until it looked like a fact.

Notice the pattern. These are exactly the statistics you would want if you were selling an AI SOC, and they get sharper and more confident each time they are re-cited while never tracing back to anything. That is what a laundered number looks like.

The argument that does not need any of them

The genuinely uncomfortable thing is that the case for agentic security operations is strong without a single one of those figures.

Here is the whole argument, using numbers that survive scrutiny:

Attackers now move in minutes. CrowdStrike's 2026 Global Threat Report puts the average eCrime breakout time at 29 minutes, with the fastest recorded at 27 seconds. We wrote about what that means for cloud security.

Humans review alerts in hours or days. Not because they are lazy, but because they sleep, and because the alert queue is long, and because the one person who understands your environment is also shipping features.

That is the entire case. It is arithmetic. A 29-minute attack against a 12-hour response is a loss regardless of what percentage of your alerts are false positives, and regardless of what a SOC would cost you.

The strongest supporting evidence I found is also the least quoted. IBM's 2024 Cost of a Data Breach report found organizations using security AI and automation extensively contained incidents on average 98 days faster and incurred about $2.2 million less in breach costs. That is a real study with a real methodology, and it is worth more than the three invented numbers combined. Note the date: IBM's 2025 edition supersedes it with somewhat lower figures, which is itself a useful reminder that these things move.

What this should change about how you buy

You are going to be sold an AI SOC. Probably repeatedly. So:

  • Ask what is measured versus what is claimed. "Our agents automate 75% of phishing investigations" is a vendor metric. Ask how it was measured, on whose environment, and what happened to the other 25%.
  • Treat "up to" as a ceiling, because it is one. "Up to two-thirds" is compatible with one-tenth.
  • Ask what happens when the agent is wrong. Automated containment that isolates a compromised device is excellent. Automated containment that isolates your CEO's laptop during a board meeting because a heuristic misfired is a different experience. What is the rollback? What is the confidence threshold? Who gets paged?
  • Refuse the cost table. If a vendor opens with a precise comparison between an in-house SOC and their product, they are quoting numbers that do not exist. That tells you something about the rest of the pitch.
  • Buy for the response gap, not the alert volume. The problem you are solving is that nobody is awake at 3am on a Sunday when an attacker moves in 29 minutes. Solve that.

Where we land

Agentic security operations are one of the few AI applications where the underlying argument is airtight, because it rests on a genuine mismatch between machine-speed attacks and human-speed response. It does not need embellishment.

Which makes it genuinely annoying that the category is being sold with fabricated statistics. It suggests the people selling it have not noticed that the honest version is more persuasive.

If you are trying to work out what your actual detection and response gap is, without a cost table built on invented numbers, that is the kind of assessment our Security and Compliance practice does. Tell us what you are running and book a discovery call.

Microsoft figures from its Security Blog (9 April 2026) and are vendor self-reported. CyberProof figures from its launch release (7 July 2026). Breach containment figures from IBM's 2024 Cost of a Data Breach report. All claims verified against primary sources on 12 July 2026; the three statistics identified as unsupported could not be traced to any primary source.

Frequently asked

What is an agentic SOC?

Microsoft defines it as an operating model that shifts security from reacting to incidents to anticipating how attackers move and actively reshaping the environment to cut off their paths. In practice it means AI agents handling the first pass of security work: triaging alerts, gathering context, investigating routine phishing and malware reports, and in some cases taking containment actions automatically, with humans supervising outcomes rather than clicking through every alert.

Does AI in security operations actually work, or is it hype?

It works, but the evidence is mostly vendor-reported rather than independently measured. Microsoft states that in live environments its agents automate 75% of phishing and malware investigations, and that attacks like ransomware are disrupted in an average of three minutes with a 99.99% confidence rating. CyberProof launched an agentic managed detection service in July 2026 claiming it autonomously handles up to two-thirds of security investigations, though 'up to' is a ceiling rather than a measured average. Treat these as substantive claims from parties with an interest in them being true.

Is it true that 80-95% of security alerts are false positives?

There is no credible source for that range. Every figure that traces back to a named study is lower and they disagree with each other: one widely cited SOC performance report puts it around 53%, a Microsoft figure lands near 46%. The often-quoted '99%' comes from a qualitative academic paper where it was an analyst's perception in an interview, not a measured rate. The honest statement is that false-positive rates vary enormously by environment and nobody credible has put the general rate at 80% to 95%.

Did Gartner predict that 50% of SOCs would deploy AI decision support by 2026?

No. That statistic circulates widely but no Gartner-issued source contains it. It appears only on vendor pages. Gartner's actual public predictions in this area are worded differently and target different years, including that AI applications will drive 50% of cybersecurity incident response efforts by 2028. Gartner has also published a note titled 'Predict 2025: There Will Never Be an Autonomous SOC', which is rather the opposite posture from how the fake stat is usually deployed.

Should a small company build a SOC or use managed detection?

Be suspicious of anyone answering that with a precise cost comparison, because the numbers commonly quoted for both sides do not trace to any independent source and disagree wildly with each other. The real decision is about coverage and response time rather than a spreadsheet: attackers move in minutes, so what matters is whether a genuine incident reaches a human who can act, at three in the morning, on a Sunday. Most small companies cannot staff that internally, which is the actual argument for managed or AI-augmented detection. Make the decision on that basis, not on a fabricated cost table.

Usman Akram

CTO, IrenicTech

Usman is the CTO of IrenicTech. He builds AI agents, RAG systems, and automations into web and mobile products, and gets them shipped in weeks instead of quarters. He's focused on AI that learns from the people using it, and that's secure enough to trust with real data.

Connect on LinkedIn

Start a conversation

Tell us what you’re building.

Share the essentials and we’ll reply within 4 hours with a real next step, not an auto-responder.

What happens next

  1. We reply within 4 hours, from a real person, not an auto-responder.
  2. A short scoping call to understand the goal, constraints, and timeline.
  3. A fixed-scope discovery sprint: a working prototype and a written estimate.
Office
Austin, TX, United States
Hours
Mon–Fri · Async + scheduled calls

Fields marked are required. By sending you agree to our Privacy Policy.