Last updated at Tue, 29 Apr 2025 12:40:00 GMT

Rapid7 AI Alert Triage helps SOC analysts quickly and accurately triage thousands of daily alerts, improving efficiency and enabling focus.

One universal truth in Security Operations Centers (SOCs) is that analysts are overwhelmed by the high volume of alerts they receive. In a recent survey, SOC teams reported being inundated with an average of 4,484 alerts daily, with a staggering 67% ignored because of alert fatigue and the high volume of false positives. The same survey also found that the number of security alerts received had “significantly increased” over the last three years. All of this can lead to alert fatigue, in which alerts are missed or ignored, potentially exposing an organization to legitimate threats and degrading SOC performance.

Introducing AI Alert Triage for InsightIDR

Rapid7's AI Alert Triage, trained and tested by the Rapid7 global MDR service across trillions of alerts worldwide, will soon be available to users of our next-gen SIEM, InsightIDR, at no additional cost. The AI Alert Triage engine quickly suggests an initial disposition (benign or malicious) for each alert, explains why that disposition was chosen, and surfaces supporting information from the investigation.

The new AI Suggested Disposition field shows the alert classification, along with detailed information to assist the SOC analyst.

Without access to the Rapid7 AI Alert Triage capability, SOC teams can waste significant time manually evaluating and correctly classifying malicious alerts, increasing their threat exposure and contributing to SOC inefficiency. With AI Alert Triage, SOC analysts can automatically and accurately focus limited security resources on legitimate threats and improve SOC performance.

Built on Decades of AI Expertise in Security

Rapid7 is not new to infusing AI into its security applications. Rapid7 has been a pioneer in AI development for security use cases since our earliest days, starting with our VM Expert System in the early 2000s. Since then, Rapid7 has integrated Generative AI into the Command Platform to supercharge SecOps and augment MDR services.

Our AI-powered platform processes 4.8 trillion alerts weekly for our MDR customer base with a 99.93% benign alert closure rate. This has resulted in hundreds of hours of manual effort saved for the SOC analysts.

AI Alert Triage Improves Your SOC’s Effectiveness

Having thousands of daily alerts automatically and correctly classified is a huge productivity boost for overwhelmed SOC analysts.

SOC analysts being overwhelmed by high volumes of daily alerts is hardly a new phenomenon. However, up until now, SOC analysts have been unable to effectively deal with this massive number of alerts, and organizations have become victims of alert fatigue. The same survey referenced above reports that analysts spend nearly 3 hours (2.7) each day manually triaging alerts, a figure rising to more than 4 hours a day for 27% of respondents. And, on average, security analysts are unable to deal with over two-thirds (67%) of the daily alerts they receive. What’s more, they say 83% of these alerts are false positives and not worth their time.

By using AI Alert Triage, Rapid7 customers can leverage decades of proven Rapid7 AI technology to quickly and accurately classify the deluge of alerts and not be forced into a situation where they intentionally ignore alerts. Key capabilities include:

  • Rapid identification and prioritization of genuine threats: AI Alert Triage helps customers quickly distinguish true positives from noise, enabling security teams to prioritize investigations based on validated, high-confidence alerts.
  • Enhanced threat detection speed and accuracy: Leveraging MDR-validated AI ensures alerts reflect real threats, helping SOC teams respond swiftly and confidently to advanced threats and subtle attack indicators.
  • Human oversight of automatic classification: AI Alert Triage has attained a 99.93% benign alert closure rate with nearly 5 trillion weekly alerts; every alert is documented, with full transparency and opportunity for human intervention.
  • Reduced alert fatigue and false positives: With AI Alert Triage validated by MDR analysts, customers experience dramatically reduced false positives, significantly cutting down time wasted on non-critical alerts.
  • Streamlined workflows and focus: AI Alert Triage automates repetitive tasks to streamline initial analysis, enabling security teams to jumpstart investigations and dedicate more time and resources to critical initiatives.

Transform Your SOC Performance Through Proven AI Assistance

Unmatched 99.93% accuracy and speed in Rapid7’s AI models drive trust and confidence in automatic decision-making and reduce alert fatigue for SOC analysts, improving SOC performance and speed. At Rapid7, we are pioneering the infusion of artificial intelligence into the Command platform, empowering SOCs around the globe and dramatically transforming their effectiveness through GenAI.

To learn more about AI Alert Triage, contact your account team or your Customer Success Advisor.