What is Jutsu
Jutsu is an AI-native Security Operations OS. This page explains what the platform is, the products in the family, and how they work together so you know where to begin.
What Jutsu is
Jutsu is an umbrella Security Operations Center (SOC) operating system. Instead of stitching together separate SIEM, SOAR, MDR, threat-intelligence, and reporting tools, you run one AI-native platform that ingests your security data, detects threats, correlates them into incidents, drives response, and reports on what happened.
The platform is built around autonomous AI agents that do the repetitive analyst work — scoring detections, enriching them with context, correlating related activity, and executing response — while your team stays in control of investigations and escalations.
Jutsu is multi-tenant and organization-scoped. Every event, alert, incident, case, and credential belongs to an organization, and all access is evaluated within that boundary.
The product family
Jutsu centers on AgentSOC, the SOC platform, with AgentSOAR as its built-in response automation.
| Product | Role |
|---|---|
| AgentSOC | The SOC platform. Ingests events, runs detection and triage, correlates alerts into incidents, manages cases, and drives response. This is the core. |
| AgentSOAR | The response automation module of AgentSOC. Executes cloud, email, and identity response actions (playbooks) against your connected providers. |
How it fits together
AgentSOC runs the full SOC lifecycle as one pipeline. Your forwarders and connectors send events to the platform; autonomous agents normalize, score, enrich, and correlate them into incidents; and response runs through AgentSOAR — recommended or executed automatically, always with an audit trail.
Events -> AgentSOC (detect + enrich + correlate) -> Incidents -> Response
|
AgentSOAR (actions)Your analysts stay in control of investigations and escalations while the AI agents handle the repetitive work.
Where to start
If you are new, read the Architecture overview to understand the data pipeline, then the Concepts & glossary to learn the vocabulary used throughout these docs. When you are ready to connect data and see your first triaged alert, follow the Quickstart.