Simbian launches AI platform for unified cyber ops

Simbian has launched a security operations platform that brings together offensive and defensive cyber security work through a shared AI reasoning system, as organisations face faster attacks and growing pressure on security teams.

The Mountain View company says the platform is built around the Simbian Context Lake, a central layer that stores information about an organisation's environment, past decisions and internal operational knowledge. Multiple AI agents use that information to identify threats, test for weaknesses and trigger responses across different parts of the security stack.

The announcement reflects a broader shift in cyber security, as vendors try to move beyond isolated automation tools and toward more connected systems that can interpret context across a company's infrastructure. The goal is to reduce delays that arise when security operations, threat hunting and testing teams work separately or rely on manual handoffs.

According to Simbian, the platform links three products: its AI SOC Agent, AI Pentest Agent and AI Threat Hunt Agent. The tools are designed to follow the same procedures used by experienced security practitioners and to pass findings between one another automatically. In practice, a weakness uncovered during a penetration test could raise the priority of a related alert seen by a security operations team.

That approach comes as businesses contend with two parallel trends. Faster software release cycles and wider use of AI-assisted coding have increased concern that vulnerabilities may be introduced or missed in applications and cloud environments. At the same time, attackers are using AI tools to scan for and exploit those weaknesses much faster than before.

Simbian argues that many current systems are missing context. Rather than focusing only on alerts or isolated technical signals, the platform reasons across both security and non-security data, including details about infrastructure, prior analyst decisions and operational knowledge that would otherwise sit with individual team members.

Ambuj Kumar, Co-Founder and CEO of Simbian, said organisations can use that internal understanding as a defensive strength.

"Attackers may use AI to move quickly, but defenders have a unique advantage - the deepest knowledge of their own data and environment," said Ambuj Kumar, Co-Founder and CEO, Simbian.

He added: "Simbian combines that knowledge with AI-driven reasoning across offensive and defensive security tools, enabling unified, autonomous response that turns enterprise context into a decisive advantage against AI-armed attacks."

Shared Context

At the centre of the platform is the Context Lake, which Simbian describes as a shared intelligence foundation for its AI agents. The system is designed to capture not only technical information but also the institutional knowledge analysts accumulate over time, such as why certain alerts were escalated, how previous incidents were handled and what normal behaviour looks like in a given environment.

The platform updates that shared knowledge base as analysts provide feedback, with the aim of improving accuracy over time. It also includes case management functions and API integrations with more than 90 security tools, allowing information and actions to move between security and IT systems.

The market opportunity for this kind of product is growing as companies look for ways to handle larger volumes of alerts without adding equivalent numbers of analysts. Security teams have long used rule-based automation for repetitive tasks, but those systems often require extensive maintenance and can struggle when an incident does not match expected patterns. Vendors are increasingly positioning AI reasoning as a way to make automated systems more adaptable.

Product Rollout

The AI SOC Agent and AI Pentest Agent are now generally available for immediate deployment. The AI Threat Hunt Agent is in private preview, suggesting Simbian is still testing that part of the platform with selected users before a broader launch.

The rollout gives Simbian a fuller product set at a time when cyber security buyers are weighing whether to consolidate tools and place more trust in AI-led operations. Many organisations remain cautious about handing over critical detection and response tasks to autonomous systems, particularly in complex environments where errors can have operational consequences. That makes explainability, auditability and consistency important factors in adoption.

Simbian's positioning centres on the idea that offensive and defensive work should not be treated as separate disciplines. In many companies, penetration testing, security operations and threat hunting are managed by different teams, often using different tools and reporting lines. By tying those functions together through a common intelligence layer, the company is trying to show that findings in one area can have immediate operational value in another.

Simbian is also releasing a book on the use of AI in security operations, aimed at practitioners planning deployments of AI tools in their organisations. While that sits outside the core product launch, it underlines how vendors in the sector are also trying to shape the discussion around how security jobs and workflows may change as more tasks move into automated systems.

With the AI SOC Agent and AI Pentest Agent already on the market and the AI Threat Hunt Agent in private preview, Simbian is making a broader case that security teams need connected, context-driven systems to keep pace with AI-enabled attacks.