BlueVoyant launched its BlueVoyant AI platform today, an agentic security operations system designed for both managed and in-house security teams. The release directly targets the growing operational burden of false positives and slow threat triage in corporate environments.
"For years, the security industry has promised AI-powered defence but failed to deliver what security teams actually need," said John Hernandez, Chief Executive Officer at BlueVoyant. "BlueVoyant AI is different. It is the product of almost 10 years of hands-on experience defending the world's most complex environments, distilled into a platform that thinks, decides and acts at machine speed. We're not augmenting the SOC. We are helping it evolve."
The platform aims to reduce the manual work involved in investigating alerts. By stopping low-value alerts from reaching analysts, teams can focus on incidents that require human judgment. This operational shift mirrors the changing skill sets covered in the AI Learning Path for Cybersecurity Analysts, where professionals learn to manage automated detection workflows.
Operating models for security teams
The platform supports two deployment approaches. Organizations can hand off detection and response to BlueVoyant's security operations team for round-the-clock managed service, or deploy the software directly for internal teams to manage. This flexibility addresses different resource levels, as some large enterprises require direct control over their workflows while others lack the specialist staff to monitor threats internally.
Customers can integrate Microsoft 365, Defender, and other tools through a self-service onboarding process. For IT leaders managing these internal deployments, understanding how to govern automated security workflows is critical, making resources like the AI Learning Path for IT Managers a practical reference for operational oversight.
Specialization in the Microsoft ecosystem
BlueVoyant built the platform based on nearly a decade of work in Microsoft-based customer environments, drawing on more than 2,500 deployments to inform its automated playbooks. Many corporate security stacks rely heavily on Microsoft products for identity, endpoint protection, and cloud services. The company argues this deep specialization allows its systems to produce more accurate detections and faster response actions, such as isolating compromised devices or revoking credentials, compared to vendors training models on broader data.
Securing non-human identities
The company also highlighted identity security as a priority, specifically regarding the rise of non-human identities across enterprise systems. Service accounts, automated processes, and machine identities now take on a larger role in business infrastructure, creating potential blind spots if left unmonitored. BlueVoyant said its background in Microsoft Entra will guide further development in this area to help organizations discover and secure these identities before attackers can abuse them.
"BlueVoyant AI delivers high-fidelity and decision-ready alerts in real time and can be the centrepiece of any security program," said Sebastian Sobolev, Chief Product Officer at BlueVoyant. "What we have built effectively eliminates false positives and shrinks response times."
Why this matters for Operations professionals
Security operations teams face constant pressure to reduce mean time to respond without adding headcount. BlueVoyant's dual-model approach means operations leaders must decide whether to build internal AI governance capabilities or outsource them, a choice that will dictate their team's daily workflows, tool integrations, and vendor management strategies.