SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Hyperscale
#
Cloud Security
#
Advanced Persistent Threat Protection

Tamnoon unveils AI-powered managed cloud threat response service

Yesterday
Author image
By Catherine Knowles, Journalist

Tamnoon has announced the introduction of a managed Cloud Detection and Response (CDR) service, designed to help organisations address cloud security alerts efficiently while reducing exposure to threats.

The service, which is built on AWS and integrates with platforms including Wiz Defend, Amazon GuardDuty, and CrowdStrike Falcon, aims to provide security tool-agnostic coverage for organisations using any Cloud-Native Application Protection Platform (CNAPP) that supports runtime detection. Integration with further CNAPP providers is planned for future releases.

New AI-powered agent

With the launch of the managed CDR service, Tamnoon has also introduced Tami, an AI-powered agent. Tami operates alongside Tamnoon's human-led CloudPros remediation team to detect, analyse, and resolve active threats in real time, prioritising actions without disrupting production environments. The AI agent applies contextual awareness and machine learning to filter and consolidate alerts, enabling faster response times than human-only processes.

Tami is already integrated into Tamnoon's Managed CNAPP and enhances the capability to combine multiple security alerts into structured actions. This allows security teams to concentrate on critical threats and supports the remediation of vulnerabilities across AWS, Azure, Google Cloud Platform, and Oracle environments.

Operational challenges in cloud security

Tamnoon's 2025 State of Cloud Remediation Report found that more than 35% of all security alerts are classified as critical or high, with critical alerts often taking nearly a year to remediate. The report highlights how persistent CDR alerts, which require manual review and resolution, can create overwhelming workloads for security teams, leading to alert fatigue and the risk of active threats being overlooked.

Tamnoon's managed approach consolidates alerts and supports the triage process, enabling CloudPros to validate and close false positives while escalating genuine threats for resolution. This process is intended to create a managed cloud-native response comparable to Managed Detection and Response (MDR), adapted to suit cloud-specific environments.

Cross-platform integration

The managed CNAPP service from Tamnoon offers integrations with platforms such as Wiz, Prisma Cloud, Orca Security, and others. This cross-platform approach enables deduplication and contextualisation of findings across multi-cloud deployments, supporting the management of alert persistence, even for deprovisioned resources that ordinarily require manual closure. The company emphasises its ability to provide remediation tailored to cloud-native issues and in the required format for the client environment, addressing scenarios that conventional endpoint-focused MDR tools may not.

Industry perspectives

Marina Segal, Chief Executive Officer and Co-Founder of Tamnoon, commented on the need for managed remediation:

"The cloud security industry has created powerful detection tools, but has largely left organisations to figure out responses on their own. There's a distinction between CNAPP and CDR alerts that many security leaders overlook. When a threat is identified by one of these CDR platforms, our technology and team use their expertise combined with CNAPP context, activity investigation, and application context to create a complete picture of an alert, ensuring effective remediation and validating that we won't break anything when we remediate. Our CloudPros specialise in AWS, Azure, GCP, and Oracle, making the experience seamless with hands-on expertise in each cloud."

Tyler J. Farrar, Chief Information Security Officer at Nextracker, also commented on the value of the managed approach, stating:

"By validating what truly matters, clearly explaining the rationale behind every decision, and enabling faster response without risking production stability, a Managed CDR approach gives security teams confidence and clarity. This model empowers teams to focus on strategic initiatives rather than wasting time chasing false positives."

Idan Perez, Chief Technology Officer and Co-Founder of Tamnoon, highlighted Tamnoon's methodology:

"What makes our approach unique is that we don't rely solely on deterministic rules or AI agents. Our system combines machine learning models trained on millions of cloud alerts triaged and fixed with human validation to avoid the false positives that plague fully automated systems. When we detect a potential threat, Tami performs an environment-aware analysis that considers your specific cloud architecture and business context before recommending action, which our human CloudPros then validate line by line before sharing with a customer."

Industry backers, Merlin Ventures, said:

"We've seen a lot of companies try to tackle cloud security, but most stop at detection. Tamnoon goes further. They're actually solving the real problem, the part where security teams are drowning in alerts and don't have the time or confidence to take action. What they've built with Tami and their CloudPros is something we haven't seen before: a real-time, intelligent response that fits into how cloud teams work today. That's what makes us excited to back Tamnoon. They're building the safety net the cloud has been missing."

Bright Pixel Capital shared:

"What stood out to us about Tamnoon is how grounded they are in the reality of what cloud teams actually deal with. They're not just adding more alerts or dashboards, they're giving teams a way to take action confidently, without breaking things. The combo of Tami's AI smarts with real human experts behind the scenes is exactly what cloud security needs right now. We backed them because they're solving a real, urgent problem with a fresh approach that actually works."

Gartner has noted ongoing challenges with automating cloud detection and response, stating, "keep in mind that obstacles to detection and response automation in the cloud still persist. To reduce adoption friction, implementation should be done in stages with a human-in-the-loop process."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
AMD unveils Instinct MI350 GPUs & Helios to spearhead open AI
Seekr leverages Oracle Cloud & AMD GPUs to accelerate AI platform
Upwind appoints Rinki Sethi as Chief Security Officer to drive growth
Phishing-as-a-Service drives surge in cybercrime for 2025
Datadog launches enhanced log tools for cost & compliance needs
Top stories
AU10TIX unveils AnyDoc AI tool to combat document fraud risk
Alex van Someren joins Paladin to boost cybersecurity advisory
Cloudflare blocks 108.9 billion cyberattacks targeting civil groups
Azul & Chainguard launch secure Java containers for enterprises
Azul boosts Java security with improved runtime vulnerability detection