Rethinking MDR as Attackers and Defenders Embrace AI
MDR services struggle to keep pace with AI-driven attacks, leaving many alerts uninvestigated.
Summary
Managed Detection and Response (MDR) services are becoming insufficient as attackers leverage AI for faster, more sophisticated attacks. A significant portion of alerts, around 60%, go unreviewed due to alert volume, with nearly 1% of real threats originating from these low-severity alerts. Furthermore, the quality of investigations varies greatly depending on the analyst and time of day, leading to missed threats and inconsistent security coverage.
Full text
The Hacker News, Jun 12, 2026
Endpoint Security / SOC Automation

For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now.

The threat landscape has changed faster than the MDR model can adapt. Attackers are using AI to move faster, generate more convincing phishing at scale, automate reconnaissance, and create malware variants that evade signature-based detection. The attack surface has expanded from endpoint to cloud, identity, and network simultaneously. And yet MDR is still doing what it always did: routing alerts to human analysts who triage what they can, in the order they can get to it. That is no longer enough. The data we share below proves it, and security leaders should consider whether they have outgrown their MDR.

MDR's 24/7 promise doesn't cover 60% of your alerts

MDR promised 24/7 human coverage. What it delivered was a 24/7 human capacity to triage high-severity alerts. Those are not the same thing. Across the industry, approximately 60% of alerts go unreviewed. That's not a performance failure. Human teams, whether in-house or outsourced to an MDR, cannot process the volume of alerts that modern environments generate. So they do what any rational person does. They prioritize. P1s and P2s get worked. P3s and P4s pile up.

But this is exactly where attackers hide. Analysis of 25 million alerts across global enterprises in 2025 found that nearly 1% of real threats originate in low-severity and informational alerts. In an enterprise generating 450,000 alerts annually, that translates to roughly 54 real incidents per year, about one per week, sitting in the deprioritized queue where no one is looking. The breaches hiding in that backlog are not theoretical. They are happening right now, in organizations that believe they have coverage.

Note: The math behind the above statement assumes 450K annual alerts, of which 60% are not investigated and, of those, 2% are real incidents. Of those real incidents, 1% originate in low-severity alerts.

Investigation quality varies by who is on shift

Even for alerts that do get reviewed, MDR investigation quality is not consistent. It is bounded by the experience of the analyst on duty, the queue depth at that moment, the time of day, and whether the team is fully staffed. A P1 at 3 am gets a different investigation than the same alert at 10 am. This is not a criticism of MDR analysts. It is a description of what happens when any human-executed process runs at high volume, under pressure, around the clock. Variance is unavoidable.

The consequences are real. When an investigation is shallow, threats get classified as noise. When follow-through is inconsistent, early-stage lateral movement looks like routine behavior. The attacker who got in on a low-severity alert keeps moving undetected because no one had the time or context to connect the signals.

Detection engineering is not a closed loop

In most MDR deployments, detection engineering is a periodic exercise. Rules get tuned when customers complain about alert volume. New coverage gets added when a major CVE makes news. Otherwise, the detection posture drifts.

The core problem is architectural. MDR investigation and detection engineering operate in separate silos. When an analyst investigates an alert and closes it as a false positive, that insight rarely feeds back into the detection system. Broken rules stay broken. Noisy rules keep generating noise. New attacker techniques arrive without matching detections. The result is a detection posture that degrades faster than it improves. Real coverage, measured against the MITRE ATT&CK framework, can be far lower than teams assume.
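As an added illustration of the feedback loop this section says is missing (example code written for this page, not the article's or any vendor's), the Python below folds analyst verdicts on closed cases back into per-rule precision, flags rules that have drifted into noise, and measures ATT&CK technique coverage against what the rule set claims. The rule names, verdicts and case records are constructed; the technique IDs are real ATT&CK identifiers used only as labels.

```python
"""Closed-loop detection health check (added example, not from the article).

Each closed case carries the rule that fired, the ATT&CK technique the rule
claims to cover, and the analyst verdict. Feeding those verdicts back lets a
team spot rules that have drifted into noise and measure effective technique
coverage instead of assuming it. All data below is constructed.
"""
from collections import defaultdict

# Constructed case dispositions: (rule_id, technique, verdict)
CASES = [
    ("R-PHISH-01", "T1566", "true_positive"),
    ("R-PHISH-01", "T1566", "false_positive"),
    ("R-PHISH-01", "T1566", "true_positive"),
    ("R-C2-BEACON", "T1071", "false_positive"),
    ("R-C2-BEACON", "T1071", "false_positive"),
    ("R-C2-BEACON", "T1071", "false_positive"),
    ("R-C2-BEACON", "T1071", "false_positive"),
    ("R-OBFUSC-PS", "T1027", "false_positive"),  # one case: too few to judge
]


def rule_precision(cases):
    """Return {rule_id: (true_positives, total_cases)} from closed verdicts."""
    counts = defaultdict(lambda: [0, 0])
    for rule_id, _technique, verdict in cases:
        counts[rule_id][1] += 1
        if verdict == "true_positive":
            counts[rule_id][0] += 1
    return {r: (tp, total) for r, (tp, total) in counts.items()}


def noisy_rules(cases, min_cases=3, min_precision=0.25):
    """Rules with enough volume to judge whose precision fell below threshold.

    These are the 'broken rules stay broken' candidates: the verdicts exist,
    so the re-tuning signal is available if anyone routes it back."""
    return sorted(
        r for r, (tp, total) in rule_precision(cases).items()
        if total >= min_cases and tp / total < min_precision
    )


def effective_coverage(cases, claimed, **thresholds):
    """Compare claimed technique coverage with what is actually working.

    A technique counts as effectively covered only if some rule mapped to it
    has fired and is not classified as noisy. Claimed techniques whose rules
    never fired (here the constructed T1078 entry) show up in the gap, as do
    techniques covered only by noisy rules. Low-volume rules pass by default,
    which is a known limitation of judging on sparse verdicts."""
    noisy = set(noisy_rules(cases, **thresholds))
    healthy = {t for r, t, _ in cases if r not in noisy}
    claimed = set(claimed)
    return {"claimed": claimed, "effective": healthy, "gap": claimed - healthy}
```

Run against real case exports, the same three functions give a per-rule precision report, a re-tuning worklist, and a coverage gap list that can be reviewed at the same cadence as the alert queue rather than once a year.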
You can't audit what you can't see

Most MDR services are a black box. Customers receive escalations and summaries. They do not get to see the investigation logic, inspect the evidence trail, verify the verdict, or audit what the analyst actually reviewed before closing a case. In an era where accountability and transparency are security requirements, this is a genuine liability. When an incident is missed, you cannot diagnose why. When a verdict is wrong, you cannot trace the reasoning. When regulators ask what was investigated and how, there is no answer.

The AI savings are going to the vendor, not to you

AI is reducing the operational cost of MDR. Providers are using it to automate portions of triage, reduce analyst hours, and increase margins. Those efficiency gains do not flow through to customers as lower prices or expanded coverage. The buyer still pays the same rate, or more. The provider keeps the savings. But the coverage gap stays the same. The human scaling constraint stays the same. Only the provider's cost structure has improved.

You don't own what was built in your name

Detection rules, triage logic, case history, and investigation learnings accumulate inside the MDR vendor's platform over the life of the contract. When the contract ends, that knowledge does not move with you. The years of tuning, the accumulated context about your environment, and the detection improvements built from your data all stay with the vendor.

This creates two problems. First, organizations that switch providers start from scratch, rebuilding institutional knowledge that took years to develop. Second, organizations that want to bring security operations in-house, a trend that is accelerating as AI SOC tools mature, find themselves starting with no foundation. MDR providers, for obvious reasons, are not incentivized to help customers build internal capability. Their model depends on retaining the work.

Your MDR contract may block you from using Claude for your SOC

The above-mentioned knowledge lock-in is no longer just a switching-cost problem. It's also an AI readiness problem. When you try to deploy an AI agent for SOC work, it needs a knowledge foundation to reason over: detection rules, case history, behavioral baselines, and forensic verdicts. If those live in your MDR vendor's platform, your agent is starting from near zero.

Additional MDR gaps worth noting

Aside from the above, MDR has a set of smaller gaps that compound over time. Every customer gets the same generic playbook regardless of their specific risk profile, compliance obligations, or data sensitivity. Integration tools like SOAR, which were supposed to streamline MDR findings into internal workflows, largely failed to deliver on that promise because human-driven investigation doesn't produce the structured, consistent outputs that automation requires. And when a real incident surfaces and a customer needs to talk to someone who understands their environment, they often reach an AI chatbot or a ticketing queue instead of a person.

What the AI-powered attacker era actually requires

The attackers of 2026 are not waiting for alert queues to clear. AI-generated phishing campaigns hit inboxes at a volume and quality that bypass conventional gateways. Credential stealers like Agent Tesla and LummaC2 move fast. EDR tools are being actively evaded, with research showing that more than half of confirmed compromised endpoints had already been marked as "mitigated" by the EDR vendor. The attacker has already won a round that the defender didn't know was being played.

Meeting this moment requires a different operating model. One where investigation speed is measured in seconds, not hours. Where every alert gets examined, regardless of severity or time of day. Where the output is an evidence-backed verdict, not an analyst's judgment call under pressure. This is what an AI SOC is designed to deliver.

An operating model shift where AI executes and humans supervise

The core idea behind an AI SOC is simple. Move investigative execution out of the human queue and into AI,