Every alert is triaged by an agent running Cisco's Foundation-sec model on Nvidia hardware, on the endpoint itself. Work that used to sit in a tier-two analyst's queue for an hour is done in seconds. You get the verdict, the pivots it looked at, the evidence it cited, and the ATT&CK technique it mapped. If you disagree, you override it, and the correction trains the next verdict.
Most AI features bolted into SIEM products rely on general-purpose LLMs. Clever, but not tuned for adversary reasoning. Edge runs Cisco Foundation-sec, a security-tuned model, on Nvidia-class hardware on the endpoint. No data leaves the customer boundary. The model can be audited, swapped, or fine-tuned on your own corpus without sending a single event to a vendor.
Security-tuned reasoning model that understands ATT&CK techniques, attacker tradecraft, and forensic chains of evidence as first-class concepts, not as generic text.
Runs on the endpoint itself. No cloud round-trip. No tokens billed to your account. No data egress for any sovereign, regulated or air-gapped estate.
CPU inference with a quantised Llama-3-8B fallback for constrained estates or edge sites where GPU hardware isn't viable. Same verdict format, same evidence chain.
The model can be adapted to your environment, your normal, your rule library. Your analyst overrides become the training data. The longer you run it, the sharper it gets.
An AI answer is only useful if your analyst can replicate the reasoning in thirty seconds. Every Edge verdict ships with a cited evidence chain, an ATT&CK technique, a confidence score, and the exact telemetry events it pivoted through. There is no black box.
The verdict card is not a PDF export. It's the live working memory of the agent. Click any pivot and you're taken to the event that drove that conclusion. Click the technique and you see every rule in your library mapped to it. Click the actor and you see every other alert across the tenant touching the same IOC.
The model does not stay static. Every override your analysts produce, whether confirming, downgrading, or reclassifying a verdict, becomes labelled training data for the next cycle. The platform compounds in sharpness the longer it runs in your environment.
The detection engine fires on a rule or anomaly. The agent pulls cross-source context (endpoint, network, cloud, identity) from the local lakehouse.
Foundation-sec proposes a verdict with a technique mapping, an evidence chain, and a confidence score. Anything below the configured confidence threshold routes directly to a human analyst.
Cited evidence is one-click reproducible. Analyst confirms, overrides, or reclassifies. Disagreement is logged with reason code.
Override signal becomes labelled data for the next model update. Tenant-scoped fine-tuning keeps every customer's learned patterns inside their own boundary.
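The four steps above, modelled as an added example (not Edge's own code): a verdict carries a technique, a confidence score and the event ids it pivoted through; routing sends it to a human if the confidence is below the threshold or if any cited event cannot be resolved in the local store (so the card is not reproducible); an analyst override is recorded with a reason code as a tenant-scoped labelled record. The telemetry store, field names and threshold value are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Verdict:
    alert_id: str
    technique: str        # ATT&CK technique id proposed by the model
    confidence: float     # 0.0 .. 1.0
    evidence: list        # event ids the agent pivoted through
    disposition: str      # model's proposed outcome, e.g. "true_positive" / "benign"

# Constructed stand-in for the local lakehouse: event id -> raw event.
TELEMETRY = {
    "evt-1": {"source": "endpoint", "process": "powershell.exe"},
    "evt-2": {"source": "identity", "user": "svc-backup", "logon_type": 3},
    "evt-3": {"source": "network", "dst": "203.0.113.7", "port": 443},
}

def unresolved_evidence(verdict, store):
    """Cited events that cannot be opened locally; a non-empty list means the
    evidence chain is not one-click reproducible."""
    return [e for e in verdict.evidence if e not in store]

def route(verdict, store, threshold=0.8):
    """Step 2/3: decide whether the agent may close the alert or must hand off."""
    missing = unresolved_evidence(verdict, store)
    if missing:
        return "human", "unresolved evidence: " + ",".join(missing)
    if verdict.confidence < threshold:
        return "human", "below confidence threshold"
    return "auto_close", "agent closed"

def record_override(tenant, verdict, analyst_disposition, reason_code):
    """Step 3/4: the analyst's decision becomes a labelled training record
    scoped to the tenant; 'changed' marks a genuine disagreement."""
    return {
        "tenant": tenant,
        "alert_id": verdict.alert_id,
        "features": {"technique": verdict.technique, "evidence": list(verdict.evidence)},
        "model_label": verdict.disposition,
        "analyst_label": analyst_disposition,
        "reason_code": reason_code,
        "changed": analyst_disposition != verdict.disposition,
    }

if __name__ == "__main__":
    v = Verdict("a-1", "T1059.001", 0.91, ["evt-1", "evt-2"], "true_positive")
    print(route(v, TELEMETRY))
    print(record_override("tenant-A", v, "benign", "approved_change_window"))
```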
The noise class that yesterday sent a tier-two analyst into a rabbit hole is today closed by the agent with a one-line summary. Humans keep the interesting work.
Because inference runs on the endpoint and customer telemetry never leaves the customer's lakehouse, there is no vendor data-sharing agreement to renegotiate, no cross-customer contamination risk, and no regulatory surprise when your DPO asks where the model saw your alerts. The answer is: nowhere.
The measurable business impact of agentic triage is analyst hours reclaimed. A conservative baseline: tier-two enrichment and triage work that previously held an analyst for 45–90 minutes per alert now closes in under 30 seconds of wall-clock time, with the analyst reviewing rather than assembling.
For MSSPs, this reshapes the book. The margin compression that per-GB cloud SIEM puts on analyst-hours is replaced by agent-assisted tier-one coverage that scales horizontally with tenants, not linearly with headcount.