IT Brief UK - Technology news for CIOs & IT decision-makers
AI tools boost speed & accuracy for security analysts in SOCs

Thu, 9th Oct 2025

A new study by the Cloud Security Alliance has found that security operations centre analysts using AI-supported tools achieve faster and more accurate results in security investigations compared to those working manually.

The report, titled Beyond the Hype: A Benchmark Study of AI in the SOC, analysed the performance of over 140 security analysts as they investigated escalated security alerts, either with or without the help of an AI-enabled investigation platform. Analysts using AI were observed to complete their investigations 45-61% faster and with 22-29% higher accuracy than those relying solely on manual methods.

Study details

The research was conducted across multiple investigative scenarios designed to replicate typical alert escalations managed by SOC teams. Two main situations were selected: an AWS S3 bucket alert and a Microsoft Entra ID failed login alert. Participants were randomly assigned to either use Dropzone AI, an AI-powered investigation tool, or to operate without automated support.

Researchers assessed the groups using a set of objective criteria, measuring accuracy, speed, completeness, and detail, as well as subjective measures such as perceived task difficulty, analyst confidence, and attitudes toward AI-based assistance.

AI impact on SOC effectiveness

Hillary Baron, Associate Vice President at Cloud Security Alliance, described the significance of the findings.

"These patterns suggest that AI-driven investigation platforms can improve human accuracy and speed while sustaining investigative quality across repeated or complex tasks. This highlights the importance of AI in high-volume SOC environments where efficiency and consistency are essential."

In both simulated alert scenarios, analysts equipped with AI tools outperformed the control group not only in raw performance but also in their ability to maintain consistency under repeated investigative tasks. Manual analysts, by contrast, displayed a 27% reduction in report detail and a 20% drop in conclusion quality across scenarios, which researchers related to fatigue and information overload.

Performance advantages

The report's data indicates that, even for analysts using AI platforms for the first time, the technology improves both investigative thoroughness and the speed with which alerts are resolved. Specific findings include a 22% higher accuracy rate for AI-assisted analysts in the first scenario and 29% in the second, while their manual counterparts saw declining report and conclusion detail.

Speed of investigation also increased markedly, with those using AI resolving the first scenario 45% more quickly and the second 61% faster than those without automated support.

Industry response

Edward Wu, Founder and Chief Executive Officer of Dropzone AI, commented on the relevance of the research for security leaders tasked with improving SOC operations amid evolving cyber threats.

"Security leaders are looking for real-world data on how AI benefits SOC effectiveness and efficiency. This study shows that AI tools materially improve quality, speed, and accuracy in escalated alert investigations. As cyber threats continue to grow in volume and sophistication, it's essential to support human judgment at scale, and this benchmark study demonstrates that AI can make that happen in a way that was not previously possible."

The study involved 148 participants with a variety of experience levels in SOC and incident response roles, who were randomly assigned to either the AI-assisted or control group. Each team's performance was scored against expert-modelled ideal responses for each simulated scenario to standardise evaluation of investigative quality.

Data analysis and interpretation were conducted by Cloud Security Alliance research analysts. While Dropzone AI is a corporate member supporting the project, the company did not influence the content or findings of the research, according to CSA.

Implications for security operations

The findings support ongoing industry discussions around the integration of AI into daily SOC workflows. The improved accuracy, speed, and sustained quality shown by AI-augmented SOC analysts suggest a role for AI assistance in settings where the volume and complexity of security alerts can quickly overwhelm traditional manual processes.
