Tonic Security has launched what it calls the industry’s first Agentic Mobilization Coordinator. The AI-driven platform autonomously manages vulnerability remediation from discovery to resolution. In doing so, the company is seeking to enable teams to fix vulnerabilities fast enough to prevent exploitation.
The Israeli startup emerged from stealth last year with $7 million in seed funding. The company is positioning the Mobilization Coordinator as a key addition to its Agentic Exposure Management Platform. CEO Sharon Isaaci frames the challenge bluntly: “Most breaches don’t happen because vulnerabilities weren’t found – they happen because teams couldn’t decide and act fast enough.”
Tonic’s approach relies on a Security Data Fabric. It continuously ingests data from security tools, IT systems, and internal knowledge sources. AI agents then analyze this information to determine criticality, ownership, exploitability, and business impact. The result is a prioritized queue of actionable risks rather than generic severity scores, whose shortcomings we have charted plenty of times.
Every recommendation and action within the platform is designed to be explainable, evidence-backed, and policy-controlled. Human teams maintain oversight while agents handle investigation, coordination, and follow-through. This balance should keep humans engaged to ensure systems align with security objectives. At the same time, the added help should ease the burden of a detection volume that far exceeds human capacity.
From scoring to orchestration
Traditional vulnerability management tools have struggled to keep pace as attack surfaces expand and exploit timelines shrink. Tonic replaces static scoring with an AI-native decision engine that not only identifies what matters but also orchestrates the entire remediation process.
The Mobilization Coordinator routes work to appropriate owners, provides context and guidance, and validates that risk has actually been reduced. It does this by rescanning environments and verifying the current configuration. If remediation proves unfeasible or introduces operational risk, the system proposes mitigating controls or formal risk acceptance aligned with organizational risk appetite.
AI-infused security scoring systems are clearly in vogue. Just yesterday, we highlighted Claude’s new vulnerability-checking capabilities. One key risk is that many vendors will implement AI-based scores on their own terms, even if a standardized alternative would be preferable. Such a standard will take some time to materialize.
Measurable impact
Tonic’s early customers are reporting significant operational improvements. The company cites a 90 percent reduction in exposures requiring remediation, 50 percent faster remediation of business-critical risks, and 80 percent of remediation automatically orchestrated. This last figure translates to reclaiming roughly 35 percent of security team capacity.
Tonic’s platform operates through four core capabilities: Collect (continuous data ingestion), Contextualize (inferring operational context), Prioritize (transforming findings into business-aligned decisions), and Act (end-to-end remediation orchestration). The system automatically validates remediation outcomes and delivers executive-ready visibility into risk reduction over time.