Agentic AI: Rendering Security Teams with Dynamic Human-AI Partnership and Strategically Responding to Threats

Written by:
Vishwa Pandagle
Cybersecurity Staff Editor

TechNadu interviewed Theus Hossmann, CTO at Ontinue, to learn all about Agentic AI. Hossmann delved into the role of agentic AI in security operations (SecOps), detailing how it never misses an alert and thus helps secure networks.

Agentic AI has moved from idea to impact, delivering measurable results while using its multi-domain reasoning to cater to each user's needs. It is establishing itself as a tool for creating a more secure infrastructure, detecting and blocking cyber threats in no time.

Hossmann described how agentic AI works, detailing its speed and efficiency, which allow cybersecurity teams to focus on strategic decision-making and CISOs to defend against cyber threats.

Read the interview to find out about Agentic AI, its response to incoming threats, autonomy requiring minimal human interaction, and the 'always-on' status that never stops monitoring.

Vishwa: What is agentic AI? Could you give an introduction to the functioning of agentic AI?

Theus: Agentic AI is the next evolution of artificial intelligence. In cybersecurity specifically, agentic AI marks a significant shift from rigid, rule-based automation to a dynamic, adaptive system that thinks and acts like a security expert. 

At its core, it’s about autonomy and context. Unlike traditional tools that simply follow a script, agentic AI learns from its environment, reasons through complex scenarios, and adjusts its approach based on what it discovers. 

Imagine it as a tireless investigator that not only processes data but understands the bigger picture, tailoring its actions to the unique risks and needs of each organization. 

At Ontinue, our agentic AI doesn’t just automate tasks—it rapidly gathers and analyzes critical context, helping our security analysts investigate threats faster and with greater precision. 

By accelerating understanding and decision-making, it transforms how security teams operate and enables more proactive protection for our customers.

Vishwa: What are the main differences between agentic AI and other forms of AI used for threat detection and prevention?

Theus: The difference is night and day. Most AI in cybersecurity—whether it’s a large language model or basic automation—relies on static rules or generalized training data. 

These tools can filter noise or summarize alerts, but they often miss the level of detail and context that is required to reason in complex and ambiguous situations. They’re broad, but shallow.

Agentic AI is built differently. It can autonomously gather context, plan, adapt to real-time events, and be deeply aware – for example, it is able to tell the difference between a developer uploading a file and an accountant doing the same. 

While traditional AI might flag an alert and hand it off, agentic AI goes further: it investigates, correlates data across systems, reasons through ambiguity, and can even resolve incidents on its own.

It’s not just a tool; it’s a partner that amplifies human expertise, not just efficiency.

Vishwa: Could you provide details about the role of agentic AI in security operations (SecOps) and how it allows cybersecurity teams to operate with greater speed and efficiency? 

Theus: In SecOps, time is everything—but traditional workflows overwhelm teams with alerts. Typically, only 6% get reviewed, and 70% of critical events are missed entirely. Agentic AI changes that. Think of it as giving every analyst a superpower: the ability to investigate every alert, not just the noisiest ones.

At Ontinue, our agentic AI triages, analyzes, and prioritizes threats at machine speed, cutting through the noise to surface what truly matters. It’s not just faster, it’s smarter. 

With deep contextual awareness, it can instantly tell the difference between a legitimate cURL command and suspicious activity from a deactivated user account.

The result? Fewer bottlenecks, less manual effort, and security teams that are empowered to hunt strategically, not reactively.

Vishwa: Please share your thoughts about the developments made to agentic AI. Which of its capabilities could be further enhanced? Has it been instrumental in reducing threats based on your observation at Ontinue?

Theus: At Ontinue, agentic AI has moved from concept to impact—it’s delivering real, measurable results. Its ability to continuously learn and adapt to each customer’s unique environment has been a game-changer, catching threats that static tools often miss. 

We’ve seen it dramatically reduce investigation times and stop incidents early, like detecting data exfiltration masked as normal activity.

There’s still room to grow. Advancing its multi-domain reasoning—seamlessly connecting signals across identity, endpoint, and cloud—will make it even more powerful. 

But make no mistake: it’s already reducing the impact of threats. This isn’t just about speed, it’s about precision -- and that’s strengthening security across the board.

Vishwa: How does an agentic AI tool respond to threats? Could you explain the steps it takes after encountering a threat? What is the level of human intervention needed during the process? 

Theus: When a threat emerges, like an unusual file upload, our agentic AI immediately gets to work. It starts by triaging the alert, gathering rich context such as the user’s role, behavioral history, and the organization’s unique risk profile. 

Then it investigates, reasoning across signals from network, endpoint, and cloud to determine if the activity is legitimate or malicious.

If the case is clear, the AI takes autonomous action—quarantining devices, blocking access—within seconds. 

If there’s ambiguity, it escalates the findings to our analysts with context-rich insights, enabling fast, informed decisions. Human involvement is minimal and strategic; analysts act more as coaches than operators. It’s a seamless partnership that blends machine speed with human judgment to stay ahead of threats.

Vishwa: How does agentic AI help CISOs stay ahead of cyber threats? Please share a few of its features that a CISO from a cybersecurity company can benefit from. 

Theus: CISOs carry the weight of every incident, but agentic AI helps lift that load. At Ontinue, it gives CISOs confidence that every alert is being thoroughly investigated, not just triaged and passed along. With deep contextual awareness—understanding user roles, asset sensitivity, and organizational risk -- it prioritizes and resolves threats with speed and precision, often autonomously.

This proactive, always-on capability eases the SecOps burden, reducing noise and burnout for analysts while ensuring no critical signal is missed. For CISOs, that means not having to be in the weeds, allowing them more time to focus on driving business innovation. 

They’re no longer stuck in reactive mode. They can trust the system to surface what matters and take action when it counts. It’s like having a high-performing SOC that scales, learns, and strengthens the security posture every day—delivering peace of mind in an industry that rarely offers it. 

Vishwa: What is the future of agentic AI as a tool for the defenders of security? Threat actors often misuse the latest technology for cybercrimes. What possible steps should security professionals be prepared to take when they learn about the misuse of agentic AI? 

Theus: The future of agentic AI is transformational—a dynamic, intelligent force that allows defenders to shift from reacting to anticipating. At Ontinue, we see it as a scalable shield that adapts in real time, making context-aware decisions that protect organizations before threats escalate. It’s not just automation—it’s strategic, proactive defense.

However, as with any powerful tool, threat actors will try to turn it against us. If they weaponize agentic AI, we could face attacks that evolve, adapt, and learn in real time. 

That’s why defenders must stay one step ahead, investing in AI that deeply understands their unique environment, enforces strong governance, and is paired with sharp human oversight. It’s not just about building smarter tools; it’s about training them continuously and watching for signals attackers can’t fake.

We’re already preparing for that future at Ontinue, ensuring our agentic AI stays a force multiplier for defenders, not a tool exploited by adversaries.

Vishwa: Please share the key considerations for implementing agentic AI for security. What could go wrong if not carefully administered? Where does it require human intervention to minimize risks?

Theus: Implementing agentic AI is a strategic shift, not a plug-and-play solution. It must be trained by security experts and tailored to your environment—otherwise, it may miss critical context. 

Without strong quality control, it can over-automate, act on false positives, or fail to detect real threats. Human oversight is essential at two points: validating decisions to refine the AI, and stepping in for high-impact calls where human judgment is critical. 

When done right, it's transformative; when done poorly, it's just expensive noise.

Vishwa: Could you outline the changes in the evolving role of human analysts in AI-driven security operations? 

Theus: Agentic AI isn’t replacing analysts, it’s evolving their role from alert chasers to strategic decision-makers. Instead of drowning in tickets, analysts now guide the AI, fine-tuning its logic and focusing on high-impact threats. 

At Ontinue, the AI handles the repetitive 80%—running hundreds of parallel investigations—so analysts can proactively hunt, lead incident response, and shape defensive strategy. 

They’ve become commanders, not just responders, with AI scaling their expertise while they anchor it with human judgment. It’s a powerful shift; SecOps becomes smarter, faster, and more resilient through this human-AI partnership.

