DEV Community

Mark0

The key of AI: How Agentic Tuning can make your detection strategy sing

Red Canary has introduced Agentic Tuning, a new feature designed to address the persistent challenge of noisy security alerts. By combining AI agents with human expertise, the system allows security teams to suppress authorized but suspicious-looking activity using plain-language instructions. This approach aims to reduce the time wasted on false positives while maintaining a wide detection net for genuine threats.

The system relies on two main components: Customizations and the Threat Review Agent. Customizations provide a portal for users to enter auditable, explicit guidance, which the AI-driven Threat Review Agent then evaluates against telemetry data to recommend suppression or escalation. Early results indicate a significant impact, with some users seeing up to an 80 percent reduction in identity-related false positives.

