Press Releases

Andesite Partners with Second Front Systems to Deliver the Human-AI SOC to U.S. Department of War

The partnership fulfills a cornerstone of Andesite’s mission to protect those who protect others. 

 

MCLEAN, Va., Feb. 10, 2025 — The Department of War and allied government agencies now can deploy advanced Human-Artificial Intelligence (AI) Security Operations Center (SOC) technologies after a new partnership between Andesite AI (Andesite) and Second Front Systems (2F).

Andesite’s Human-AI SOC will be available through 2F Game Warden, Second Front’s DevSecOps platform built to accelerate authorization and deployment across U.S. and allied government environments. The partnership gives government users a faster, authorized way to deploy Andesite’s best-in-class AI security capabilities into real-world operations.

“Andesite was founded by leaders who spent decades operating in environments where trust and security are non-negotiable,” said Brian Carbaugh, Co-Founder and CEO at Andesite. “That experience inspired us to build solutions that support and empower those who protect others. We are honored to partner with Second Front to strengthen AI security capabilities across the public sector.”

Andesite’s bona fides were further bolstered recently as the company secured a strategic investment from IQT, the not-for-profit strategic investor for the U.S. national security community and America’s allies.

“Andesite offers a unique capability built by a diverse team of national security, cybersecurity, AI, and data experts,” said Grant Whiting, Partner, Investments at IQT. “Their solution can help improve national security and keep America one step ahead of its adversaries.”

Andesite’s Human-AI SOC technology empowers cybersecurity and national security teams with actionable insights that matter most to their organization’s risk profile. It accelerates time to detect, investigate, and respond while connecting data silos and reducing inefficiencies across data sources, tools, and platforms in the security ecosystem.

“AI doesn’t win missions—deployed AI does,” said Mamie Cruse, Chief Mission Officer at Second Front. “This partnership reflects our commitment to delivering advanced AI capabilities to government operators through secure, compliant, and mission-ready deployment paths.”

From inception, Andesite has built a security, trust and safety program that permeates all of its practices. Andesite’s Safe AI Architecture™ protects customer data, applications, and networks with end-to-end encryption, no extract, transform, and load (ETL) requirements, and the assurance that their AI is not trained with customers’ data.

Andesite has achieved FedRAMP High In-Process and recently completed its SOC 2 Type II audit, HITRUST e1, and ISO 27001, 27701, and 42001 certifications.

To learn more about Andesite and schedule a demo, visit andesite.ai.

 

About Andesite
Andesite’s Human-AI SOC empowers cybersecurity teams with the actionable insights they need to make critical decisions, assess threats, and determine risk levels. It enables them to conduct and automate investigations and enrichment, manage high-volume alerts and process threat intelligence reports in minutes. Andesite’s AI technology connects silos and reduces inefficiencies across data sources, tools and platforms in their security ecosystem, helping SOC teams to accelerate time to detect, investigate and respond. Before Andesite, the company leaders and founders spent decades protecting our nation and some of the largest enterprises on the planet against sophisticated adversaries. Andesite embodies their sense of mission and commitment to develop security products that empower those who work protecting others.

Visit us at andesite.ai, check our trust center at ComplianceHigh.com, and follow us on LinkedIn.

 

About Second Front Systems
Second Front Systems (2F) is a public-benefit software company powering software for the free world. We eliminate the friction that slows innovation, enabling faster, more secure development and deployment of software across government and regulated networks. Built by national security veterans and backed by top-tier venture capital, our platform is trusted by the world’s leading organizations to cut deployment timelines from years to weeks. We move fast, solve hard problems, and deliver trusted capabilities where they’re needed most. Our work strengthens global security and gives the United States and its allies a lasting competitive advantage. Learn more at secondfront.com.

Media Contact:

[email protected] 

Andesite,cybersecurity,IQT,Second Front Systems,SOC
PREVIOUS 451 Research Looks at the Impact of AI on the SOC
Blog

451 Research Looks at the Impact of AI on the SOC

To gain perspective on the effects of AI in cyber defense, we have partnered with 451 Research by S&P Global Market Intelligence to publish a Business Impact Brief analyzing the state of the Security Operations Center (SOC) and the impact of AI on its evolution. 

The brief is based on the 451 Research Voice of the Enterprise: Information Security survey, which tracks security professionals across industries since 2020. The survey found that on average, security teams are unable to investigate 45% of the alerts they receive each day. For 18% of the organizations, 75% of the alerts received go uninvestigated. 

The brief analyzes the challenges security teams are facing in the AI-driven threat landscape and assesses the potential business impact of AI SOC solutions across a range of factors, including threat detection, agent-driven remediation, and newly accessible use cases. It also includes predictions for how both attacks and responses will evolve in the near future and how AI will help to transform the role of SOC analysts. 

 

The 451 Research Voice of the Enterprise: Information Security survey has found out that SOC teams are unable to investigate 45% of the security analytics alerts they  receive each day. 

 

Adversaries are using AI to accelerate and rapidly scale attacks, creating significant challenges for security operations teams. As cyber threats proliferate and take a multitude of forms, the volume of data has left many teams experiencing alert fatigue, which poses a major security risk. 

SOC analysts need the ability to quickly review and assess unstructured data from a variety of sources, without moving or reshaping it. Many security teams are seeking to establish a robust data foundation, or data fabric, which allows analysts to identify, triage, and prioritize the most high-risk threats before they inflict damage. 

According to 451 Research, deploying advanced AI-powered systems and data solutions in the SOC is essential to create a single, governed source of truth. Ensuring universal data access enables analysts to automate mundane, repetitive tasks and use their experience, expertise, and contextual awareness to keep the organization safe.

 

Download the Report
451 Research,Andesite,cybersecurity,SOC
PREVIOUS Andesite Achieves Cloud Security Alliance AI-STAR Level 2 Certification, Validating Commitment to Secure and Transparent AI Systems
NEXT Andesite Partners with Second Front Systems to Deliver the Human-AI SOC to U.S. Department of War
Press Releases

Andesite Achieves FedRAMP High “In Process” Designation

Andesite is one step closer to being FedRAMP Authorized and is now available in the federal marketplace

 

MCLEAN, Va., Jan. 23, 2025 – Andesite, the Human-AI SOC company, today announced that it has achieved the Federal Risk and Authorization Management Program (FedRAMP) High Impact Level “In Process” designation, officially joining the FedRAMP Marketplace. This milestone reflects Andesite’s commitment to working with federal agencies to secure mission-critical assets and drive cyber resilience to better serve American citizens. 

The “In Process” designation requires formal sponsorship by a federal agency and a thorough assessment conducted by an accredited third-party organization. Andesite is working toward full FedRAMP Authorized status, the highest security and compliance standard for civilian and federal agencies.

“Founded by former intelligence and military leaders, Andesite is rooted in a deep commitment to protecting those who protect others,” said Dave Brown, CISO & CIO at Andesite. “We are honored to bring Andesite’s security solutions to the federal marketplace, empowering those on the frontlines with the insights they need to secure critical infrastructure. We thank our partners who have helped us achieve this significant milestone and look forward to achieving full FedRAMP authorization.”

Andesite’s Human-AI SOC is designed to support cybersecurity teams with actionable insights that matter to their organization’s risk profile. The product automates investigation and enrichment, manages high-volume alerts and threat intelligence, and accelerates time to detect, investigate, and respond, while keeping humans responsible for decisions and outcomes. 

Andesite is secure and compliant by design. From inception, the company has built a security, trust and safety program that permeates all of its practices. Security is at the core of Andesite’s Human-AI SOC product. Their Safe AI Architecture™ protects customers’ data, applications, and networks with end-to-end encryption, no extract, transform, and load (ETL) requirements, and assurance that their AI is not trained on customers’ data.

This recognition from FedRAMP builds on Andesite’s industry-leading security and compliance achievements. It recently achieved HITRUST, SOC 2 Type II, and ISO 27001, 27701, and 42001 certifications. Together, these assessments reflect a consistent approach to security and responsible AI governance across the company’s technology and operations.

To learn more about Andesite and schedule a demo, visit andesite.ai

About Andesite

Andesite’s Human-AI SOC empowers cybersecurity teams with the actionable insights they need to make critical decisions, assess threats, and determine risk levels. It enables them to conduct and automate investigations and enrichment, manage high-volume alerts and process threat intelligence reports in minutes. Andesite’s AI technology connects silos and reduces inefficiencies across data sources, tools and platforms in their security ecosystem, helping SOC teams to accelerate time to detect, investigate and respond. Before Andesite, the company leaders and founders spent decades protecting our nation and some of the largest enterprises on the planet against sophisticated adversaries. Andesite embodies their sense of mission and commitment to develop security products that empower those who work protecting others.

Visit us at andesite.ai, check our trust center at ComplianceHigh.com, and follow us on LinkedIn.

Media Contact:

[email protected] 

Andesite,cybersecurity,FedRamp High,security operations
PREVIOUS What’s Next for AI-Powered Cybersecurity – Insights From Andesite Leaders and Advisors
NEXT Andesite Achieves Cloud Security Alliance AI-STAR Level 2 Certification, Validating Commitment to Secure and Transparent AI Systems
Blog

What’s Next for AI-Powered Cybersecurity – Insights From Andesite Leaders and Advisors

While AI-powered cybersecurity redefines our field and the broader landscape is impacted by geopolitical conflicts and world events, the industry needs to revisit strategies and rules of engagement. 

 

At Andesite, we are dedicated to arming cybersecurity teams with actionable insights that put humans at the helm, enabling them to make critical decisions, and build a sustainable advantage based on prevention rather than reaction. To help you stay one step ahead, we gathered Andesite’s leaders and advisors to get their insights on where security technology for the enterprise market is going. 

 

“Investigation timelines for SOC teams that embrace AI SOC tech will accelerate dramatically, shifting the focus from investigation speed to investigation quality.”

— William MacMillan, Chief Product Officer, Andesite

 

To prepare for what’s next and empower your team to assess risk and make critical decisions, tap into strategic insights from seasoned security experts who’ve served global organizations including the CIA, Microsoft, JP Morgan Chase, CrowdStrike, and AWS. 

 

Expert insights from security leaders:

  • William MacMillan Chief Product Officer, Andesite
  • Greg Rattray Chief Strategy and Risk Officer, Andesite
  • Alex Thaman Chief Technology Officer, Andesite
  • Merritt Baer Andesite Advisor, Chief Strategy Officer, Enkrypt.AI
  • Kris Merritt Andesite Advisor, Founder & President, Vector8, Inc.

 

Download Our Predictions for 2026


Andesite,Artificial Intelligence,cybersecurity,SOC
PREVIOUS Andesite, The Human-AI SOC Company, Achieves HITRUST e1 and AI Security Certifications Demonstrating Commitment to Cybersecurity and Information Protection
NEXT Andesite Achieves FedRAMP High “In Process” Designation
Press Releases

Andesite, The Human-AI SOC Company, Achieves HITRUST e1 and AI Security Certifications Demonstrating Commitment to Cybersecurity and Information Protection

Andesite’s Secure and Compliant by Design Framework Continues to Meet the Highest Standards for Security, Privacy and AI Governance.

 

MCLEAN, Va., Jan. 13, 2026 – Andesite, the Human-AI SOC Company, today announced that its Human-AI Security Operations Center (SOC) has earned certified status from HITRUST for cybersecurity and information protection.

The HITRUST Certification demonstrates that Andesite has met requirements defined by leading cybersecurity and regulatory frameworks, confirming that strong controls are in place to protect sensitive data and manage risk effectively.

The certification also includes the HITRUST AI Security Certification, which validates that the organization’s AI systems are safeguarded against AI-specific threats such as data poisoning, model inversion, and prompt injection.

“Security and regulatory compliance by design is purposely built into Andesite’s foundation,” said Dave Brown, CISO & CIO at Andesite. “Achieving HITRUST Certification reflects the rigor behind how we build and operate at Andesite. It demonstrates that our approach to security, risk management, and information protection is grounded in independently validated controls and designed for organizations with serious security requirements.” 

Built on the HITRUST Assurance Program, this achievement reflects independent third-party testing, centralized quality assurance, and certification backed by HITRUST’s Cyber Threat-Adaptive engine. These elements ensure continuous alignment with the latest threat intelligence and evolving standards across NIST, ISO, and OWASP.

“Earning HITRUST Certification demonstrates Andesite’s commitment to managing information risk and protecting sensitive data through a rigorous, proven assurance process,” said Gregory Webb, CEO of HITRUST. “This achievement reflects the organization’s proactive approach to cybersecurity and trust.”

From inception, Andesite has built a security, trust and safety program that permeates all of its practices. Security is at the core of Andesite’s Human-AI SOC product. Their Safe AI Architecture™ protects customer’s data, applications, and network with end-to-end encryption, no extract, transform, and load (ETL) requirements, and the assurance that their AI is not trained with customers’ data.

Andesite recently completed its SOC 2 Type II audit and ISO 27001, 27701, and 42001 certifications. The company is one of the world’s earliest adopters of all three ISO certifications. 

To learn more about Andesite and schedule a demo, visit andesite.ai

About Andesite

Andesite’s Human-AI SOC empowers cybersecurity teams with the actionable insights they need to make critical decisions, assess threats, and determine risk levels. It enables them to conduct and automate investigations and enrichment, manage high-volume alerts and process threat intelligence reports in minutes. Andesite’s AI technology connects silos and reduces inefficiencies across data sources, tools and platforms in their security ecosystem, helping SOC teams to accelerate time to detect, investigate and respond. Before Andesite, the company leaders and founders spent decades protecting our nation and some of the largest enterprises on the planet against sophisticated adversaries. Andesite embodies their sense of mission and commitment to develop security products that empower those who work protecting others.

Visit us at andesite.ai, check our trust center at ComplianceHigh.com, and follow us on LinkedIn.

Media Contact:

[email protected] 

Andesite,Compliance,cybersecurity,security operations
PREVIOUS CISO Perspective | The AI SOC: What CISO Buyers Want to Know—and What They Might Be Missing
NEXT What’s Next for AI-Powered Cybersecurity – Insights From Andesite Leaders and Advisors
Andesite

Happy Holidays!

As we head into the holidays, we want to thank the cyber leaders and teams doing the hard work of defending critical assets every day.

 

We’re grateful for this community—and excited for the conversations, dinners, and thought-leadership moments ahead as we continue building a more resilient future, with humans at the helm.

 

HAPPY HOLIDAYS FROM ALL OF US AT ANDESITE.

Andesite
PREVIOUS Andesite CEO Brian Carbaugh talks about SecOps and leadership on CyberBytes: The Podcast
NEXT CISO Perspective | The AI SOC: What CISO Buyers Want to Know—and What They Might Be Missing
Media

Andesite CEO Brian Carbaugh talks about SecOps and leadership on CyberBytes: The Podcast

Our CEO Brian Carbaugh met with Aspiron’s Oliver Legg to discuss his career from CIA Chief of Staff to Bionic AI SOC startup founder. They talked about how a career in intelligence shaped Brian’s approach to leadership, risk, and company-building, the principles and special sauce that make Andesite unique in the category.

 

The conversation delves on how Andesite is taking a contrarian stance on AI in the SOC by putting analysts, not automation, at the center, and how the “replace the analyst” narrative gets it wrong.

 

They talk about how crowded the AI SOC field has become and look at differentiators beyond the hype. Brian explains why he chose a company-builder and foundry model over traditional venture funding and why Andesite has invested on security and compliance from day one.

 

 

Watch the interview
Andesite,Brian Carbaugh,security operations,Startups
PREVIOUS Introducing the Andesite AI SOC Buyer’s Guide 2026
NEXT Happy Holidays!
Announcements

Introducing the Andesite AI SOC Buyer’s Guide 2026

Cybersecurity today is a veritable minefield, with bad actors moving faster than ever and threats becoming increasingly sophisticated, numerous, and far-ranging. The attack surface is constantly growing, and so is the sheer volume of threats encountered across the network each day. Keeping up with threat detection, investigation, and response in this environment can overwhelm even the most experienced security teams, armed with top-rated tools.

 

Enter the AI SOC.

 

With AI transforming the way we work across virtually every sector, applying machine speed and accuracy to the Security Operations Center (SOC) has the potential to revolutionize the way security organizations identify, triage, and respond to threats. Enterprises everywhere are recognizing this potential—and as a result, the emerging AI SOC market is crowded. With new players entering the field all the time, this space is evolving almost as quickly as the cybersecurity landscape itself.

 

Taken at face value, many of these AI SOC solutions appear comparable, often offering the same set of core features and all promising to deliver outstanding results. However, if you’re looking to arm your security team with the best possible system to reduce risk and stay ahead of threats, you need a more granular idea of what to look for in an AI SOC vendor—and which factors will set the right solution apart from the ever-expanding crowd. The goal should be to give your SOC a tool that allows them to be proactive about threat detection and prevention, rather than always playing catch up. 

 

Help Decision-Makers Sift Through the Noise

 

With so many products to choose from, even seasoned CISOs and other decision-makers may find it difficult to know where to invest to address the pain points their organization is facing today while also building a future-focused cyber defense. What’s the smartest approach to figure out which vendor is best suited to your organization’s unique needs, and whether or not an off-the-shelf solution might be the best option? Even knowing where to start can be a challenge.

 

To help you find the right AI SOC for your team, we’ve put together a buyer’s guide, designed to help CISOs and security teams determine how various AI vendors stack up—and land on the best possible solution. By laying out a clear set of questions to ask, with in-depth insights about the various answers you might encounter, this guide gives you a better understanding of the key factors and functions to consider so you can decide how well they will fit with your needs, goals, and current configuration.

 

For example, some AI solutions are fully autonomous, meaning the machine does everything, while others keep humans in the loop. What’s the difference in both how they operate and what kind of results they deliver? What are the advantages of each? How about potential drawbacks? Get the guide and we’ll walk you through it.

 

Other topics we cover include product adaptability, timeliness and actionability of insights, and how products process threat intelligence, including unstructured data and other enrichment sources. As experts in cybersecurity, passionate technologists, and experienced product builders, we’re sharing our unique perspective with the goal of empowering the teams who protect others from sophisticated attackers and adversaries. Use it to elevate your security team and reduce risk exposure by investing in the right AI vendor.  

 

Give your security organization a clear, step-by-step process for assessing and comparing AI SOC vendors, including a handy checklist to pull it all together and help you make the right choice. Download the The AI SOC Buyer’s Guide 2026 and use it to identify the best AI SOC solution for your unique needs, not just for today but far into the future.

 

 

Download the Guide
Andesite,cybersecurity,security operations,SOC
PREVIOUS Andesite Achieves SOC 2 Type II and ISO Certifications, Reinforcing Commitment to Data Security Compliance and Safe AI Practices
NEXT Andesite CEO Brian Carbaugh talks about SecOps and leadership on CyberBytes: The Podcast
Press Releases

Andesite Achieves SOC 2 Type II and ISO Certifications, Reinforcing Commitment to Data Security Compliance and Safe AI Practices

The Human-AI SOC company on short list of cybersecurity startups to achieve SOC 2 Type II and ISO 27001, 27701, and 42001 certifications.

 

MCLEAN, Va., Dec. 10, 2025 /PRNewswire/ — Andesite AI (Andesite) today announced the successful completion of its SOC 2 Type II audit and ISO 27001, 27701, and 42001 certifications. Andesite is one of the world’s earliest adopters of all three ISO certifications. These globally recognized standards and frameworks position Andesite at the forefront of compliance and underscore its commitment to safe, secure, and responsible data and AI practices.

To achieve each of these certifications, Andesite underwent a rigorous independent audit conducted by Schellman, a leader in third-party IT and cybersecurity assessments. Earlier this year, Andesite completed its first FedRAMP High security assessment and is working towards certification, satisfying the standardized approach to cloud security for U.S. federal agencies.

The ISO 42001 certification is the world’s first international standard for AI management systems. It establishes a framework for organizations to responsibly develop, deploy, and monitor AI technologies.

“As an AI SaaS company, we want to ensure our customers see our commitment to security, privacy, and trustworthy AI by design,” said Dave Brown, CISO & CIO at Andesite. “This unprecedented combination of certifications demonstrates the excellence of our Compliance High program and positions Andesite as one of the few companies capable of meeting the highest levels of security, privacy, and AI governance. Our customers can trust that their data and systems are protected at every layer.”

Andesite is secure and compliant by design. From inception, the company has built a security, trust and safety program that permeates all of its practices. Security is at the core of Andesite’s Human-AI SOC product. Their Safe AI Architecture™ protects customer’s data, applications, and network with end-to-end encryption, no extract, transform, and load (ETL) requirements, and the assurance that their AI is not trained with customers’ data.

To learn more about Andesite and schedule a demo, visit andesite.ai.

 

About Andesite
Andesite’s Human-AI SOC empowers cybersecurity teams with actionable insights that matter to their organization’s risk profile. It enables them to conduct and automate investigations and enrichment, manage high-volume alerts and threat intelligence, assess and determine risk levels. Andesite’s AI technology enables SOC teams to accelerate time to detect, investigate and respond while connecting silos and reducing inefficiencies across data sources, tools and platforms in their security ecosystem. Before Andesite, the company leaders and founders spent decades protecting our nation and some of the largest enterprises on the planet against sophisticated adversaries. Andesite embodies their sense of mission and commitment to develop security products that empower those who work protecting others.

Visit us at andesite.ai, check our trust center at ComplianceHigh.com, and follow us on LinkedIn.

 

Media Contact:
[email protected] 

 

Press release
Andesite,Compliance,cybersecurity,security operations,SOC
PREVIOUS Andesite CEO Brian Carbaugh and CPO William Macmillan discussed SecOps on CISO Tradecraft
NEXT Introducing the Andesite AI SOC Buyer’s Guide 2026
Media

Andesite CEO Brian Carbaugh and CPO William Macmillan discussed SecOps on CISO Tradecraft

Our CEO Brian Carbaugh and CPO William Macmillan joined Mark Hardy for a great episode of CISO Tradecraft. They discussed the Human-AI SOC and how AI is transforming security operations.

They delved into the efficiency, accuracy, and proactive threat detection that AI systems bring to the SOC, and the critical role of contextual data in modern threat detection. The conversation covered the challenges of legacy SIEMs, the benefits of AI to solve for alert fatigue, and the sea change offered by a new SOC architecture.

Watch the full interview here.

Andesite,Brian Carbaugh,cybersecurity,security operations,SOC,William MacMillan
PREVIOUS Andesite’s Chief Product Officer William MacMillan talks with Politico
NEXT Andesite Achieves SOC 2 Type II and ISO Certifications, Reinforcing Commitment to Data Security Compliance and Safe AI Practices