Your SOC is tired, AI isn’t

Security teams have discussed AI in the SOC for years, but solid evidence of its impact has been limited. A recent benchmark study by Dropzone puts measurable evidence behind the idea, showing that AI agents can help analysts work faster and with greater accuracy during alert investigations, without major changes to existing workflows.

Researchers measured how 148 security professionals performed under two conditions: using AI assistance or investigating manually.

Faster investigations, less fatigue

The study found that analysts using AI completed their work faster than those working without it. The time saved was consistent across both types of investigations, and accuracy improved along with speed. Analysts supported by AI were better at pinpointing the right conclusions, even as the work became more complex.

Manual analysts tended to slow down and lose detail as the scenarios went on, reflecting what often happens in a SOC under pressure. The AI-assisted group stayed more consistent, showing fewer signs of fatigue and maintaining a steadier pace of decision-making.

More detailed investigations

Analysts using AI produced investigations that were more complete and better documented. Their notes showed more consistent attention to investigative steps and less drop-off in detail between the first and second tasks.

By contrast, manual analysts often shortened their reports as they went along, leaving out key observations or analysis. The findings suggest that AI support helped maintain focus and thoroughness, even when analysts faced repetitive or time-consuming tasks.

Maintaining that consistency helps analysts stay alert to key indicators and lowers the risk of errors that often come with fatigue or heavy alert volumes.

Positive experience with AI tools

Analysts who used the AI tools generally had a good experience and described them as “efficient,” “helpful,” and “time-saving.” Many said the tools made their work feel smoother, cutting down the time spent on repetitive steps while still giving them control over the investigation. Several participants noted that the AI summaries helped them organize their thoughts and move more quickly to validation and reporting.

Few participants said they found the tools confusing or overwhelming, which suggests the learning curve was low. Most agreed the AI support blended naturally into their usual workflow instead of disrupting it. Many also said they would recommend similar tools to peers, citing time savings, clearer investigations, and fewer missed details as the main reasons.

“These results indicate that AI-driven investigation platforms enhance speed and accuracy to provide immediate operational value,” said Hillary Baron, Associate VP, Cloud Security Alliance.