.jpg)
Pondurance today announced MDR Essentials, the first MDR service providing a fully-autonomous SOC that improves the time from threat detection to containment by 90%.
Threat actors today use AI to attack at machine-speed, making it difficult for traditional cybersecurity solutions to accurately detect and contain cyber threats before they can become breaches. Pondurance’s MDR Essentials with the Kanati Agentic SOC operates entirely autonomously at machine-speed in order to stop attacks earlier in the kill chain.
“The era of siloed security tools and reactive SOC operations is over,” said Doug Howard, CEO of Pondurance. “Running autonomously in MDR Essentials, our Autonomous SOC delivers what cybersecurity and IT leaders have been demanding — an enterprise-class cybersecurity SaaS based on Agentic AI that thinks, acts, responds and contains threats at machine-speed. For organizations that struggle to attract qualified cybersecurity talent and deal with alert overload, this is a transformational shift in how they secure their organizations without breaking the bank.”
MDR Essentials with the Kanati Agentic SOC outshines other Managed Security and MDR services by providing a complete cybersecurity solution that doesn’t compromise on accuracy or speed. By incorporating enterprise-grade EDR tools from CrowdStrike, SentinelOne and Microsoft, and ingesting threat signals from commonly used M365 environments, Kanati can rapidly correlate patterns, analyze threats and take direct action to contain any compromise before it can lead to harm.
With cybercriminals migrating to exploit inherent vulnerabilities within the M365 and Entra ID ecosystem, an Agentic AI SOC with the ability to take autonomous response actions as high confidence threats are detected across the Microsoft M365 environment is crucial to stopping breaches from occurring. Among the most critical of Kanati’s capabilities in this use case is autonomous session and account password resets for Microsoft 365.
“Account takeovers targeting organizations that rely on M365 applications and IT infrastructure are among the most common and damaging attack vectors we see,” said Johnny Calhoun, senior vice president of MDR operations at Pondurance. “Every minute an attacker maintains an active session is another minute they have to exfiltrate data, create fraud campaigns, or launch phishing attacks targeting employees, customers or partners. Operating at machine-speed, our Agentic SOC will analyze and contain threats with precision, maintaining a complete record of every action taken.”
When Kanati identifies a high-confidence account compromise, credential theft, or unauthorized access event tied to a user’s Microsoft 365 session, the platform can automatically terminate all active authenticated sessions for the affected user account across Microsoft 365 or Google Workspace environments, revoke OAuth tokens and invalidate active refresh tokens to eliminate attacker persistence, force multi-factor authentication re-enrollment where policy permits, restrict or suspend account access pending analyst review for elevated-risk scenarios, and log all actions with full audit trails for compliance, legal hold, and post-incident review.
MDR Essentials with the Kanati Agentic SOC completes a full suite of enterprise-grade cybersecurity capabilities specifically chosen to eliminate breach risks. Key services include managed EDR service that works directly with CrowdStrike, SentinelOne, or Microsoft Defender, Kanati Agentic AI SOC configured for autonomous operation throughout the entire detection, analysis, and containment cycle, Microsoft M365, Entra ID and Windows log ingestion, correlation and threat analysis, RansomSnare microsensor-based advanced ransomware prevention capability, and a ticketing system for audit-ready incident tickets with full explainable AI investigation trails.
Pondurance recognizes that autonomous action demands transparent communication. The Autonomous SOC platform includes automated customer notification workflows that ensure security contacts and designated stakeholders are immediately informed when containment actions are taken. Real-time alerts are provided by phone, email, messaging, or integrated ticketing channels with clear, plain language summaries of what was detected, what action was taken, and what the customer should do next.
MDR Essentials with the Kanati Agentic SOC for autonomous operation will be available by April 30, 2026. Pricing will be based on the number of endpoints in the customer environment.
About Pondurance
Pondurance is the only next-gen managed detection and response service specifically engineered to eliminate breach risks. As a full-service provider of incident response (DFIR), MDR, exposure management, and cybersecurity advisory and compliance services, Pondurance protects organizations from data breach risks before, during and after they occur. Organizations entrusted with consumer PHI and PII rely on Pondurance to provide a unified platform and outsourced security operations center service to eliminate cybersecurity and regulatory risks.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.