Security leaders are contending with truncated attack timelines and aging, siloed defenses that struggle to keep pace with real‑time threats, according to the Microsoft Security Blog. The piece argues for a shift to an agentic SOC that unifies threat signals and protection actions, leveraging AI‑powered defenders to automate routine work and free human analysts for hunting and analysis.
It states that 20% of an analyst's week (one full workday in five) can be lost to manual toil, and that 42% of alerts go uninvestigated due to capacity constraints. The article positions Microsoft Defender XDR as a unifying layer across domains to reduce noise and enable earlier disruption of complex attacks, with human expertise complementing automated protections through Microsoft Security Experts for advisory, managed detection and response, and incident readiness.
It also promotes the Defender Experts Suite as a practical way to combine autonomous protection with continuous human insight to modernise security operations and build resilience.

24 February 2026.