‘For both MSP partners and our channel more broadly, this is a way for them to embed AI agents and the agentic frameworks into their customer environments,’ Schneider tells CRN.
The debut by Arctic Wolf of what it’s calling the “world’s largest agentic SOC” (Security Operations Center) will deliver massive opportunities for MSPs and other partners as the company aims for rapid delivery of improved security outcomes using AI agents, according to Arctic Wolf CEO Nick Schneider.
In an interview with CRN last week during RSAC 2026, Schneider said that the newly announced Aurora Agentic SOC will deliver substantial reductions in cost and complexity in addition to providing enhanced AI-powered security outcomes.
[Related: 15 Top Cybersecurity CEOs On The Future Of AI Agents: RSAC 2026]
The agentic SOC system will leverage the new Aurora Superintelligence Platform, also announced last week at RSAC in San Francisco. The Superintelligence Platform “combines a proprietary knowledge graph along with our swarm of agents” to handle key security tasks, Schneider told CRN.
The Aurora Agentic SOC is “now operating at massive scale across a platform that’s ingesting north of 10 trillion cybersecurity events a week and delivering superior outcomes now to our customers,” he said.
Ultimately, the Aurora Agentic SOC enables autonomous agents to perform core SOC workflows while human experts are kept in the loop for oversight and validation as well as more advanced decision-making, according to Schneider.
For both MSP partners and the broader channel, “this is a way for them to embed AI agents and the agentic frameworks into their customer environments—in a way that can provide those customers outcomes that they otherwise might not be able to achieve,” Schneider said. “[The system] allows them to get superior outcomes without really having to do anything new.”
What follows is more of CRN’s interview with Schneider.
What are the biggest advancements in your new Aurora announcements?
We’ve announced the Aurora Superintelligence Platform, which combines a proprietary knowledge graph along with our swarm of agents, and then our AI judge to ensure accuracy and trust within our SOC. And then on top of that, we’ve brought forth the agentic SOC, which is now operating at massive scale across a platform that’s ingesting north of 10 trillion cybersecurity events a week and delivering superior outcomes now to our customers.
What does this mean for how useful agentic can be for security?
I think for a lot of our customers, they’re looking to leverage AI and they’re looking to leverage the agentic frameworks within their environments. The problem is, they don’t know exactly how to. So what we’ve done is embedded this agentic framework into our platform and into the way in which our SOC operates—so all of our customers get that benefit. The outcome really for them should be speed, efficiency and then a more effective outcome in a highly observable way—so they can see where the agentic framework is doing its work or where the agents are doing their work, along with where the humans in the loop are doing the other pieces of the puzzle along the way.
What does this announcement mean for your partners, especially your MSP partners?
I think for both MSP partners and our channel more broadly, this is a way for them to embed AI agents and the agentic frameworks into their customer environments. [They can do this] in a way that can provide those customers outcomes that they otherwise might not be able to achieve—while also feeling like they’re ahead of the curve with regards to solving for threats from bad actors by leveraging new technologies in the space.
So this is going to mean better security outcomes for MSPs and for the customers?
Yes. At the end of the day, what people are trying to do is ensure that their businesses are protected and are safe, and that they’re leveraging the most advanced technologies to be able to do so. Here we’ve brought together the Aurora platform—now the Superintelligence Platform—along with our new agentic framework, all in one package for our customers in a way that allows them to get superior outcomes without really having to do anything new.
It sounds like this offering is something that Arctic Wolf has been working up to for a while?
Yes, we’ve been working on it for quite some time. Underneath the announcement is a lot of core platform work. You have to be able to build a knowledge graph in a way that can provide the relevant context and data to the models and to the agents. So we’ve built these knowledge graphs on top of the core platform by leveraging what is now more than a decade of data, and millions and millions of people hours of like real world SOC expertise. And then by having a knowledge graph and having these agents do work that typically would be done by a human—or augmenting a human’s work—what happens is we can continually update those knowledge graphs and improve the way in which they do their work. So it’s a reinforcement loop of training. And it allows the agents to steadily become more and more effective and more and more efficient over time.
And then the last piece is trust. I think a lot of the buzz in the industry around agents and agentic frameworks has met with some skepticism by customers saying, “How do I trust these things? How am I [supposed to be] confident that the agents are doing what I’d expect them to do—or that I can choose which areas of my environment these agents are taking action or not taking action? How is a human in the loop?” The beauty of the way in which we’re delivering this to our customers is, they’re getting the platform itself and they’re getting the knowledge graphs themselves within the platform. We have what we call an AI judge that analyzes the outputs of the agents in an agentic manner. And we marry that with a human judge, so the human is validating the workflows as well. And those elements combined, I think, allow customers to get a trustworthy outcome with regards to AI—and get outcomes in a way that they maybe wouldn’t otherwise be able to get, either through traditional tools or even through traditional service organizations.
What are you expecting going forward, in terms of how autonomous the SOC will ultimately become?
You’ll see a steady increase in the leverage of agents within security operations. I think there are certain workflows that can be full autonomous, and there are other workflows that will not be fully autonomous. And I think we are still a ways away from the human-in-the-loop not being a prerequisite for most organizations. Some of that has to do with the company’s risk curve. There are certain actions or certain processes or certain workflows where it can be fully autonomous—and if it’s wrong, or if it’s slightly wrong, it’s not the end of the world. There are others where, if it’s wrong, it’s a big deal. And that’s where you’re going to want to still have some human validation, some human trust within the loop.
When it comes to the usage of agents in the workforce, it seems clear that is taking the risk up to another level beyond GenAI apps. Do you believe that is going to fuel growth for the security industry for quite a while?
Yes [because] AI has become an entirely new attack surface. It can be used in a way that can be rapidly deployed and make a big impact to an organization if you don’t pay attention to it. We still have a lot of the same issues that we’ve had for 20 years, around how to protect against various attack surfaces. The difference here is that this [AI] attack surface can also be used by bad actors as a way to attack. And that obviously makes cybersecurity an industry that needs to and will continue to grow and be a centerpiece to the conversations at the board level, or within every C-suite of every company in the world.
