A new research study, conducted by Dropzone AI in partnership with the Cloud Security Alliance (CSA), indicates that AI-assisted security analysts complete tasks significantly faster and with greater accuracy, highlighting AI’s practical impact on security operations and organizational defense capabilities.
The report, titled “Beyond the Hype: A Data-Driven Benchmark of AI in the SOC,” is positioned as the first large, independent study to measure AI’s impact on Security Operations Center (SOC) effectiveness, involving 148 participants.
Security Operations Centers commonly face thousands of alerts daily, many of which are false positives or low-severity issues. This volume can contribute to alert fatigue, causing analysts to spend time on non-critical alarms instead of focusing on genuine threats. This cycle can lead to analyst burnout and potentially increase an organization’s vulnerability to cyberattacks.
AI technology is designed to autonomously investigate alerts, replicating techniques used by expert analysts. This assistance aims to help SOC teams remain focused on critical risks and potentially reduce stress and turnover.
The study evaluated the impact of AI assistance on SOC analyst performance across 148 security analysts. Key findings indicated that AI-assisted investigations were 22–29% more accurate than those conducted by an unassisted control group. Furthermore, investigations were completed 45–61% faster with AI assistance compared to the manual control group.
In addition, 94% of participants reported a more positive view of AI for cybersecurity alert investigations after completing the scenarios. The AI-assisted group also demonstrated more consistent performance under conditions of fatigue, avoiding the sharper decline observed in manual investigations.
Hillary Baron, Associate Vice President at the Cloud Security Alliance, stated, “These results indicate that AI-driven investigation platforms enhance speed and accuracy to provide immediate operational value. The findings underscore the benefit these tools can deliver in high-volume SOC environments, where consistency and efficiency are critical to success.”
Edward Wu, Founder and CEO of Dropzone AI, commented, “SOC leaders are looking for evidence that AI delivers material results. The results of this study are clear: AI is no longer a ‘nice-to-have’ in the SOC, it’s essential to sustaining both quality and analyst confidence in the face of complex threats. With threat actors operating at machine speed and attacks growing more sophisticated, human analysts simply can’t keep pace on their own. This is why Dropzone AI was built, to amplify human capabilities, ensuring that even under pressure, investigations remain fast, accurate, thorough, and consistent. This study validates what we see with our customers every day; AI-assisted SOCs are more resilient, make smarter decisions, and deliver stronger outcomes at scale.”
The study compared analyst performance with and without the assistance of Dropzone’s AI SOC Analyst. Participants were presented with two escalated alert scenarios requiring human review—an AWS S3 bucket alert and a Microsoft Entra ID failed login attempt. Performance was evaluated on four objective measures (accuracy, speed, completeness, and detail) and three subjective factors (perceived difficulty, confidence, and attitudes toward AI).
Dropzone AI, a provider of AI SOC analysts based in Seattle, leverages large language models (LLMs) to equip cyber defenders with AI agents. The company’s AI SOC Analyst aims to autonomously handle routine Tier 1 alert triage, enabling organizations to focus more on proactive security. The technology is used by over 200 organizations, including Mysten Labs, Avalara, UiPath, ECS, and Zapier.
The Cloud Security Alliance (CSA) is a not-for-profit organization focused on cybersecurity education, practical implementation, and credentialing in areas such as AI, cloud, and Zero Trust. CSA contributes to the field through volunteer-driven research, global standards, and vendor-neutral education programs.
