MilikMilik

AI-Assisted Threat Hunting Becomes a Standard Feature in Enterprise Security Stacks

From Premium Add-On to Default Capability

AI threat hunting is moving from experiment to expectation as major vendors embed it directly into core platforms. Group-IB’s Prevyn AI is a clear signal: it becomes the cognitive core of the company’s Unified Risk Platform and is available to existing Threat Intelligence and Managed XDR customers at no additional cost. Instead of positioning AI as a separate, premium module, Group-IB folds it into everyday workflows, emphasizing AI-assisted investigations and agentic research as baseline capabilities. In parallel, Tech Mahindra and Cisco’s Cyber Resilience Fabric integrates AI-driven analytics with risk scoring, showing that enterprise security AI is no longer a niche tool but a central design principle. Together, these moves reflect a broader industry consensus that AI-powered investigation, correlation and triage must be built in if organizations are to keep up with rapidly expanding and interconnected attack surfaces.

Closing the Speed Gap with Threat Response Automation

Modern attacks unfold at machine speed, quickly outpacing manual investigations. Both Prevyn AI and Cyber Resilience Fabric directly target this gap through threat response automation. In Managed XDR environments, Prevyn AI automatically analyzes alerts, drafts incident reports and generates structured remediation workflows, allowing defenders to move from raw signals to ready-to-act playbooks in far less time. Tech Mahindra and Cisco’s platform focuses on automated cyber defense through risk-led prioritization: incidents are evaluated using contextual risk intelligence, so teams can escalate the most business-critical threats first instead of drowning in alert volume. Crucially, these systems are designed to augment, not replace, human decision-making. Prevyn AI requires human approval before executing any recommended action, aligning with emerging governance expectations while still accelerating response. The result is a more consistent, repeatable defensive posture that keeps pace with automated, high-velocity attacks.

Unified Visibility Across Fragmented Enterprise Environments

As enterprise environments grow more complex, AI threat hunting depends on integrated, high-quality data. Prevyn AI pulls from Group-IB’s intelligence data lake, which is fed by cybercrime investigations, regional Digital Crime Resistance Centres and collaboration with law enforcement. This depth of telemetry lets the system reason about attacker behavior and infrastructure staging, rather than relying mainly on generic open-source feeds. On the operations side, Cyber Resilience Fabric merges Cisco’s Splunk Enterprise Security with Tech Mahindra’s Risk Scoring Platform to give security leaders a unified view of security events and risk signals. By combining security, operational and risk data in a single environment, the platform reduces overlapping alerts and delivers contextual risk scoring that directly supports governance and resilience objectives. This convergence of data and analytics is essential for AI-driven threat hunting to deliver accurate insights in sprawling, hybrid enterprise architectures.

Human-Only Threat Hunting Can No Longer Scale

The shift toward automated cyber defense reflects a recognition that human-only threat hunting is operationally insufficient. Group-IB explicitly frames Prevyn AI as a response to threat actors already operating at machine speed, arguing that defenders cannot respond adequately when investigations remain manual. Its 11 specialized agents, modeled on high-tech crime investigative logic, aim to identify attacker intent and infrastructure before attacks launch, improving research quality and analytical depth. Tech Mahindra and Cisco echo this perspective, noting that traditional security operations are overwhelmed by the scale and sophistication of modern threats. Their Cyber Resilience Fabric is designed to move organizations from reactive alert management to proactive, risk-led decisioning, with AI-driven analytics helping teams prioritize and automate defense workflows. These developments suggest a new baseline: effective threat hunting now assumes a close partnership between human expertise and AI systems capable of continuous, scalable analysis.
