Cynet has announced new capabilities for its CyAI engine, positioning the update as a practical shift from standalone automation to a continuous improvement loop between analysts and machine analysis.
The company says the CyAI platform learns over time by incorporating input from CyOps—its “24×7 team of security experts”—alongside real-world telemetry collected and analysed at scale.
The announcement frames CyAI as the engine behind prevention, detection, and response across Cynet’s unified cybersecurity platform.
With the latest release, Cynet claims CyAI now learns directly from investigations performed by CyOps, with the aim of improving detection accuracy, reducing false positives, and strengthening identification of novel threats.
Central to Cynet’s message is the idea of a “velocity” shift in offensive and defensive cycles. The company argues that recent AI-enabled shifts have shortened the vulnerability-to-exploitation window from days to hours, meaning defenders must match that pace.
In Cynet’s framing, this requires behavioural detection that can flag malicious activity before it is tied to a specific CVE, while analysts contribute attacker context and judgement to investigations. Over time, the model benefits from both the automated signals and the analyst interpretation.
Yaniv Shechtman, vice president of product at Cynet, described the company’s approach as more than a slogan about human involvement: “Too many platforms talk about human-in-the-loop, but stop short of closing it. With CyAI, we’ve built a system where human expertise and AI continuously reinforce each other.”
He added that the “learning loop” is designed to accelerate response and expand capacity for CyOps and partner managed detection and response teams.
Cynet also outlined three concrete mechanisms intended to drive feedback into future outcomes. First, CyOps recommendations are said to validate, refine, and enrich AI-generated alert insights, which then sync across the Cynet console and notification emails and feed back into future detection and response.
Second, GenAI console explanations are described as including suggested remediation playbooks based on CyOps knowledge and platform telemetry, supporting organisations that prefer guided, hands-on incident response.
Third, a new CyAI support agent is presented as a chatbot embedded in the console, offering structured remediation guidance in response to plain-language questions, with improvements intended as the model learns from real-world activity.
Ronen Ahdut, head of CyOps at Cynet, emphasised that the system improves not just by what it “sees”, but by how experienced defenders interpret it: “That learning loop becomes even stronger when combined with CyOps analysis and recommendations around each threat.”
Cynet further states that CyAI already supports AI-generated alert summaries, automated decryption and payload analysis, and correlation of alerts across vectors to surface full attack paths.
The company claims CyAI can automatically remediate up to 90% of threats and reduce false positives to less than 1%. It also credits its Data Science team, led by Timea Kovacs, for building the AI components powering CyOps and advancing its agentic AI direction.
