Mark0

The key of AI: How Agentic Tuning can make your detection strategy sing

Red Canary has introduced "Agentic Tuning," a new system designed to significantly reduce security alert noise and false positives. By leveraging AI agents alongside human expertise, the platform allows security teams to use plain-language instructions to suppress expected or authorized behavior that might otherwise trigger suspicious activity alerts. This approach addresses the high cost of false positives, which often consume analyst capacity and erode trust in detection systems.

The system is powered by two primary components: a new Customizations portal and a specialized Threat Review Agent. Users provide explicit, auditable guidance in natural language, which the AI agent then evaluates against telemetry and investigation context to recommend suppression or publication. Early access results have shown up to an 80 percent reduction in false positives for identity-related detections, allowing teams to align security logic with their specific organizational policies and risk tolerance.

