BlueVoyant has launched BlueVoyant AI, an agentic security operations platform for both managed and self-service security operations centres.
The platform is designed to support real-time decision-making, automated response and faster containment during cyber attacks. It is available either as a fully managed service with round-the-clock support from BlueVoyant's security operations team or as a software platform for in-house security teams.
The launch reflects a broader push across the cyber security sector to apply artificial intelligence to detection and response workflows, particularly as security teams face growing alert volumes and pressure to respond more quickly to threats. BlueVoyant is positioning the product around that challenge, arguing that many organisations still struggle with false positives and slow triage processes.
John Hernandez, Chief Executive Officer at BlueVoyant, said the company sees a gap between the promises made by AI suppliers and the practical needs of security teams.
"For years, the security industry has promised AI-powered defence but failed to deliver what security teams actually need," said John Hernandez, Chief Executive Officer at BlueVoyant. "BlueVoyant AI is different. It is the product of almost 10 years of hands-on experience defending the world's most complex environments, distilled into a platform that thinks, decides and acts at machine speed. We're not augmenting the SOC. We are helping it evolve."
Managed or self-service
BlueVoyant has built the platform around two operating models. One lets customers hand off detection and response to BlueVoyant's team, while the other gives internal teams direct access to the software for their own operations.
That approach reflects differences in how companies run cyber defence. Some large organisations want direct control over tools and workflows, while others lack staff or specialist expertise and prefer an external provider to monitor and respond on their behalf.
Customers can connect Microsoft 365, Defender and other tools through a self-service onboarding process. The platform can also carry out response actions including isolating compromised devices, revoking credentials and removing malicious emails across an organisation's environment.
Those functions place the product in a crowded market for security operations automation, where vendors are trying to reduce the manual work involved in investigating alerts. The aim is to stop low-value alerts from reaching analysts, allowing teams to focus on incidents that require human judgement.
Sebastian Sobolev, Chief Product Officer at BlueVoyant, described the platform as a central part of a wider security programme.
"BlueVoyant AI delivers high-fidelity and decision-ready alerts in real time and can be the centrepiece of any security program," said Sebastian Sobolev, Chief Product Officer at BlueVoyant. "What we have built effectively eliminates false positives and shrinks response times. This isn't an incremental improvement - it's a step change for the industry. It will become the standard."
Microsoft focus
A central part of BlueVoyant's pitch is its long-standing focus on the Microsoft security ecosystem. The company said the platform builds on nearly a decade of work in Microsoft-based customer environments, with more than 2,500 deployments informing its playbooks and decision-making.
That matters because many corporate security environments rely heavily on Microsoft products for identity, endpoint protection, email security and cloud services. Vendors with deep specialisation in one ecosystem often argue they can produce more accurate detections and faster response actions than those training models on broader but less specific telemetry.
BlueVoyant said its experience means that when Microsoft introduces new security features, or when attackers exploit a weakness affecting that stack, its teams and systems are not starting from scratch. It is using that argument to distinguish itself from rivals offering more generalised security automation.
Identity emphasis
BlueVoyant also pointed to identity security as a priority area, particularly as non-human identities become more common across enterprise systems. Service accounts, automated processes and machine identities now play a larger role in business infrastructure, and they can create blind spots if they are not closely monitored.
The company said its background in Microsoft Entra will shape further work in this area. It argued that organisations need better ways to discover, monitor and secure these identities before they are abused by attackers.
Hernandez said identity remains central to the company's strategy as customers adopt more autonomous systems and AI tools across their operations.
"Our heritage at BlueVoyant is rooted in identity, and we plan to leverage our expertise to evolve how organisations define and scale security around it," said Hernandez. "As organisations adopt autonomous systems, BlueVoyant AI is designed to help organisations remain secure, governed and trusted. Today's launch is just the beginning."