Mid-market enterprises and MSSPs running Triago in production. Measured outcomes. Published numbers.
Foundry's SecOps team was investigating about 30% of incoming alerts. The rest were closing on auto-aging. After enabling Triago across phishing, suspicious-login, and EDR-triage workflows, the untriaged backlog dropped to zero.
The team redeployed two analysts to a long-deferred threat-hunting program. The override rate stabilized at 2.1% by week three.
How a mid-market bank stopped writing playbooks and started writing policy.
HealthcareAuditor sign-off on autonomous response, with two-person approvals.
MSSPHow a 30-person MSSP services 240 SMBs without growing the SOC.
ManufacturingThe verifier abstained. A human caught a real one. The system worked.
Public sectorPilot scoped under FedRAMP Moderate sponsorship.
SaaSDrift-to-remediation in under 90 minutes, on average.
We co-write every case study with the customer's own SOC metrics.