Pondurance MDR Essentials Fights AI Attacks with Autonomous SOC

Summary
– Pondurance launched MDR Essentials, a managed detection and response service featuring an autonomous Security Operations Center (SOC) that cuts threat containment time by 90%.
– This service uses an Agentic AI SOC called Kanati to autonomously detect, analyze, and contain threats at machine speed, addressing AI-powered attacks that outpace traditional solutions.
– It integrates with enterprise tools like CrowdStrike and SentinelOne and can automatically respond to Microsoft 365 compromises by terminating sessions or resetting credentials.
– The solution includes a full suite of capabilities such as managed EDR, ransomware prevention, and audit-ready ticketing, aimed at mid-market and regulated organizations.
– The autonomous actions are paired with transparent customer notification systems, and the service will be available by April 30, 2026, with pricing based on endpoint count.

The cybersecurity landscape faces a relentless new adversary, as threat actors now leverage artificial intelligence to launch attacks at machine speed. This evolution renders many traditional security solutions too slow, allowing threats to escalate into full-scale breaches before human teams can respond. To counter this, Pondurance has launched MDR Essentials, a managed detection and response service built around an autonomous SOC. This system is engineered to slash the time from initial threat detection to final containment by an impressive 90 percent.
A recent analysis from PwC underscores the necessity of this shift, highlighting that within AI-driven security operations centers, threats can be blocked autonomously in mere seconds. Pondurance’s solution, powered by its Kanati Agentic SOC, is designed to operate at this machine pace, aiming to halt attacks much earlier in the cyber kill chain. “The era of siloed security tools and reactive SOC operations is over,” stated Doug Howard, CEO of Pondurance. He explained that the Autonomous SOC within MDR Essentials delivers a critical advancement, an enterprise-class cybersecurity SaaS platform founded on Agentic AI. This technology can think, act, respond, and contain threats with unprecedented speed.
Howard emphasized the transformative potential for resource-constrained organizations. “For companies struggling to attract qualified cybersecurity talent and manage alert overload, this represents a fundamental shift in how they secure their operations without exceeding their budgets,” he added.
Positioned as enterprise-class managed cybersecurity for the mid-market, MDR Essentials distinguishes itself by offering a comprehensive solution that does not sacrifice accuracy for speed. It integrates premier enterprise-grade EDR tools from industry leaders like CrowdStrike, SentinelOne, and Microsoft. By also ingesting threat signals from Microsoft 365 environments, the Kanati Agentic SOC utilizes advanced threat intelligence and detection algorithms. This allows it to correlate patterns, analyze potential compromises, and take direct action to contain threats before they cause damage.
This capability is particularly vital as cybercriminals increasingly target vulnerabilities within the Microsoft 365 and Entra ID ecosystem. An AI-driven SOC that can execute autonomous response actions the moment high-confidence threats are detected is crucial for preventing breaches. A key feature in this context is Kanati’s ability to perform autonomous session and account password resets for Microsoft 365. “Account takeovers targeting organizations dependent on M365 are among the most common and damaging attacks we observe,” noted Johnny Calhoun, SVP of MDR Operations at Pondurance. “Every minute an attacker maintains access is another minute they can exfiltrate data or launch phishing campaigns. Our Agentic SOC operates at machine speed to analyze and contain these threats with precision, maintaining a complete audit trail of every action.”
When the platform identifies a high-confidence account compromise or unauthorized access within a user’s Microsoft 365 session, it can automatically execute several critical responses. These include terminating all active authenticated sessions for the affected account across Microsoft 365 or Google Workspace, revoking OAuth and refresh tokens to remove attacker persistence, and forcing multi-factor authentication re-enrollment where policy allows. For higher-risk scenarios, it can restrict or suspend account access pending analyst review. Every action is logged with a full audit trail for compliance and post-incident analysis.
MDR Essentials is presented as a complete managed cybersecurity SaaS solution, specifically crafted for highly regulated organizations at risk of ransomware and data breaches. The service bundles a suite of enterprise-grade capabilities chosen to eliminate breach risks. Core components include a managed EDR service compatible with major providers, the Kanati Agentic AI SOC configured for full autonomous operation, and specialized ingestion and analysis of logs from Microsoft 365, Entra ID, and Windows environments. Additional features include RansomSnare microsensor-based ransomware prevention, which stops attacks before encryption begins, and a ticketing system that generates audit-ready incident tickets with explainable AI investigation trails.
Understanding that autonomous action requires transparent communication, Pondurance has built automated customer notification workflows into the platform. These ensure that designated security contacts are immediately informed via phone, email, messaging, or integrated ticketing when any containment action is taken. Notifications provide clear, plain-language summaries of the detection, the action performed, and recommended next steps. For incidents requiring business decisions, escalation notifications are sent directly to specific named contacts. This approach, combined with capabilities like host isolation, ensures the autonomous response process is never a black box, allowing customers to retain full situational awareness.
MDR Essentials with the Kanati Agentic SOC for autonomous operation is scheduled to become available by April 30, 2026. Pricing will be structured based on the number of endpoints within a customer’s environment.
(Source: Help Net Security)