Creating a Security Agent with Cohere North and Wiz - Cohere

2026-06-25 · Source: cohere.com via Google News · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Cloud Computing & IT Infrastructure · Depth: Intermediate, medium

Summary

Cohere has developed a security agent using its enterprise AI agent platform, North, integrated with the cloud security platform Wiz via a custom Model Context Protocol (MCP) server. This solution automates incident response workflows, addressing the challenge of translating Wiz's high-fidelity security findings into actionable steps, a process that previously took 30 minutes to 2 hours per finding. The architecture connects North to Wiz's GraphQL API through a lightweight Python MCP server, exposing eight atomic tools for tasks like listing issues, querying assets, and updating issue statuses. Key use cases include a 20-second "toxic combination" blast radius analysis, assisted end-to-end incident response for critical issues, and an autonomous weekly security posture brief generated every Monday at 3:00 a.m. This automation shifts human expertise from initial alert triage to evaluating agent assessments, significantly improving efficiency and consistent visibility.

Key takeaway

For AI Security Engineers managing growing cloud footprints, integrating an AI agent platform like Cohere North with your cloud security platform can drastically cut incident response times. You can automate initial triage, generate comprehensive IR reports, and create tickets from a single prompt, freeing your team to focus on strategic evaluation rather than manual data correlation. Consider replicating this architecture to shift your security operations from reactive alert handling to proactive assessment.

Key insights

Integrating AI agents with cloud security platforms automates incident response, reducing manual effort and accelerating triage.

Principles

• Prioritize critical instructions at the top of system prompts.
• Validate API behavior against actual implementation, not just documentation.
• Design write operations to be fault-tolerant for partial failures.

Method

Connect an AI agent platform (e.g., Cohere North) to a cloud security platform (e.g., Wiz) via a custom MCP server exposing atomic API tools, then define workflows with structured system prompts.

In practice

• Automate "toxic combination" blast radius analysis.
• Generate end-to-end incident response reports.
• Schedule autonomous weekly security posture briefs.

Topics

• AI Security Agents
• Incident Response Automation
• Cohere North
• Wiz Platform
• Cloud Security
• Model Context Protocol

Code references

• cohere-ai/cohere-security-toolkit
• cohere-ai/cohere-security-toolkit

Best for: AI Security Engineer, AI Engineer, Director of AI/ML

Related on AIssential

• AI Threat Readiness Pillar 4: Detect and contain threats in real-time — AI threats demand real-time, AI-driven detection, investigation, and automated containment across all layers to counter accelerated exploitation.
• Claude Enterprise Meets the Security Graph: Wiz Integrates with Anthropic's Compliance API — Integrating AI tool activity logs into existing security graphs centralizes visibility and governance.
• Running Codex safely at OpenAI — Securely deploying AI coding agents requires robust controls, granular visibility, and a balance between productivity and risk management.
• How Wiz Became a US$32bn Cloud Security Powerhouse — Wiz's rapid growth and US$32bn acquisition highlight the critical value of comprehensive, agentless, and AI-aware cloud security solutions.
• AWS Announces General Availability of DevOps Agent for Automated Incident Investigation — AWS DevOps Agent uses generative AI to autonomously investigate incidents and automate operational tasks across diverse environments.
• Product Launch - Cohere — Cohere is rapidly expanding its enterprise AI product portfolio, covering developer tools, agentic capabilities, and multimodal solutions.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cohere.com via Google News.