CrowdStrike co-founder and CEO George Kurtz is calling 2026 the “breakout year” for the agentic security operations center, arguing that SOC teams are being pushed to reinvent how they work as enterprises race to adopt AI. Kurtz said the SOC is entering a “revolution” phase where automating triage and investigation through AI agents becomes essential to keep pace with rising workloads and new risks tied to securing AI tools.
Kurtz also framed the shift as a platform transition that will accelerate the replacement of traditional SIEM approaches, with agents taking on more entry-level investigation while analysts manage and oversee a broader set of automated workflows. He pointed to CrowdStrike’s Falcon Agentic Security Platform, launched in September, as a foundation for expanding agentic capabilities through an “AI-ready” data layer, and to the company’s August acquisition of data pipeline startup Onum as part of its next-gen SIEM push. Kurtz emphasized that partners will be critical in helping customers re-engineer existing data and processes to operationalize AI agents across security workflows.