Netskope this week introduced an AI-driven platform layer designed to ease the operational burden on security and network operations teams as enterprises struggle to manage escalating alert volumes and growing infrastructure complexity. The new offering, called Netskope One AgentSkope, is an agentic AI framework that automates key security and network operations workflows within Netskope's Secure Access Service Edge (SASE) platform.

AgentSkope embeds AI agents directly into the Netskope One data layer, enabling them to analyze and act on information without the need to export data to external systems. This approach is intended to streamline processes such as alert triage, investigation, and policy management. According to Netskope, approximately 40% of alerts go uninvestigated in security operations centers (SOC) and network operations centers (NOC) due to a lack of resources and manual overhead.

“We built AgentSkope to act as an autonomous force multiplier, providing a shared architectural foundation that allows organizations to easily deploy AI agents capable of executing end-to-end workflows,” said Sanjay Beri, co-founder and CEO at Netskope, in a statement. “By abstracting away operational complexity and removing internal development bottlenecks, we are empowering security and network leaders to drastically reduce manual troubleshooting, free up their skilled staff for strategic initiatives, and adapt their defenses at the speed of business.”

The agentic AI concept represents a shift from traditional rule-based automation toward more autonomous, context-aware systems that can reason, plan, and execute multi-step tasks. In the context of SOC and NOC environments, this means agents can handle repetitive tasks such as gathering threat intelligence, correlating events, and even initiating remediation workflows—all while maintaining human oversight for final decision-making.

Netskope's announcement comes at a time when enterprises are facing a “rapidly expanding, AI-fueled threat landscape,” as noted by Pete Finalle, research manager for security and trust at IDC. “CIOs and CISOs must invest in agentic security automation as a force multiplier to enhance skilled human resources. The ability to intelligently triage threats, help manage the increasing scope and scale of modern threats, and keep up with new AI models/agents can no longer remain a manual process,” Finalle said in a prepared statement.

AgentSkope is integrated into the Netskope One platform, which combines cloud-delivered security, networking, and Zero Trust capabilities. The company says that the design allows customers to configure agents from a single interface and ensures they can access all relevant data sources without additional integrations. Running agents directly on data sources reduces the need to move large volumes of data to other systems, lowering costs associated with SIEM data ingestion and storage.

“Netskope AI agents are specifically designed with platform workflows in mind and deeply embedded within the architecture,” said Rich Davis, director of product and solutions marketing at Netskope, in an interview with Network World. “Agents can handle the repetitive triage and investigation work so human analysts can focus on higher-value decisions.”

The new agents use natural language interfaces and are designed to execute multi-step workflows, from investigation through remediation recommendations. With this release, Netskope is launching six agents:

• DLP AISecOps Agent: Automates DLP alert triage, reducing false positives and surfacing priority cases.
• Insider Threat AISecOps Agent: Correlates user behavior and DLP data to identify insider risks.
• Private Access AIOps Agent: Audits access settings and generates policies based on usage patterns.
• DEM Data Intelligence Agent: Converts telemetry data into actionable troubleshooting insights.
• DEM Insights Agent: Highlights performance issues and trends across digital environments.
• CCI Insights Agent: Enables natural language queries of cloud and SaaS risk data.

Netskope is also emphasizing the need for human oversight alongside automation. Agents can autonomously gather data, triage risks, and even initiate workflows such as creating IT service tickets or notifying analysts, but they will not take final action without human approval. “Once the investigation is complete, the agent will wait for a member of the security team to review its findings and direct it to take action,” Davis explained. “This provides the balance between time savings and human control.”

The introduction of AgentSkope reflects broader industry trends toward agentic AI in cybersecurity and IT operations. Analysts have noted that traditional security tools often generate overwhelming volumes of alerts, leading to burnout among analysts. By offloading routine triage and investigation to AI agents, organizations can improve mean time to respond (MTTR) and increase overall security posture.

Netskope's SASE platform itself has gained traction as enterprises adopt cloud-first networking and security models. The addition of agentic AI is seen as a natural evolution, extending the platform's capabilities to address operational efficiency. The company plans to expand its agent portfolio on a monthly basis, suggesting a sustained investment in AI-driven automation.

From a competitive standpoint, Netskope joins a growing list of vendors incorporating generative AI and agentic workflows into their offerings. Rivals such as Palo Alto Networks, Zscaler, and Cisco have also announced AI-based features for SOC automation. However, Netskope's approach of embedding agents directly into the data layer—rather than relying on external AI models—may offer performance and cost advantages, particularly for large-scale deployments.

AgentSkope and the six launch agents are available now, with the Insider Threat AISecOps Agent currently in private preview. The general availability of the other agents means customers can begin testing and deploying them immediately. Netskope has not disclosed pricing details but indicated that the agents are included in certain subscription tiers of the Netskope One platform.

For enterprises considering adoption, the key benefits include reduced alert fatigue, faster incident response, lower operational costs, and the ability to reallocate skilled staff to more strategic projects. As the threat landscape continues to evolve, the combination of human expertise and AI-driven automation may become a standard for effective security and network operations.

Source: Network World News