Cybersecurity company Sophos has reported major production milestones from a year of deploying its agentic Security Operations Center (SOC) model within Sophos Managed Detection and Response (MDR), now protecting 40,000 customers globally and recording 39% year-over-year growth.
The company said its AI-driven SOC architecture is designed to address rising cybersecurity complexity, where the volume of threats and shortage of skilled analysts have outpaced traditional security operations. Through Sophos Central, its AI-native cybersecurity platform, the system integrates endpoint, network, identity, email, cloud, and SIEM data into a unified “context lake” supported by automated workflows and third-party integrations.
According to Sophos, the agentic SOC now enables significantly faster and more autonomous threat response, with key performance metrics including an average of 89 seconds from case creation to automated response and 52% of MDR cases resolved end-to-end by AI without human intervention.
The remaining 48% of cases are handled through a hybrid model combining human-on-the-loop (HOTL) and human-in-the-loop (HITL) oversight, allowing analysts to focus on complex investigations, threat hunting, and strategic decision-making.
Sophos said the system continuously improves through shared intelligence across its global customer base, processing millions of daily detections to suppress noise and prioritize high-risk threats.
The company also highlighted industry recognition, including leadership rankings in G2 Summer 2026 reports across Endpoint Protection, EDR, XDR, MDR, and Firewall categories, as well as strong customer ratings in the 2026 Gartner Peer Insights Voice of the Customer for MDR.
Sophos plans to expand its agentic model across its broader cybersecurity portfolio through 2026, including enhancements to XDR, next-generation SIEM capabilities, and new AI-driven security advisory services.
