Jul 8, 2026

Who Pays When the Model Gets Expensive: Reading an AI SOC Contract Like a CFO

Q1: Why is your AI SOC invoice suddenly unpredictable?

Your AI SOC invoice is unpredictable because pricing moved from a flat seat fee to variable, per-token consumption. Each alert can trigger dozens of model calls, so cost scales with attacker activity and agent behavior rather than headcount. A single misbehaving agent can burn a year’s token budget in a week, which is why CFOs now read these contracts line by line.

See how the UnderDefense Agentic AI SOC investigates, triages, and resolves real alerts.

The invoice that doesn’t match the budget

I came up writing 10,000 lines of PowerShell and building SOCs by hand. Today I help orchestrate systems that fire 100-plus model calls to investigate one alert. That shift changed the bill in a way most budgets never planned for.

Here is the new reality. A flat subscription gave you one number per year. Per-token pricing gives you a number that moves every single day.

The board starts asking why

So the invoice climbs, and nobody on the team can explain why. The board sees the line item grow and starts asking hard questions.

Why the meter spins faster than you expect

Pipeline showing one alert expanding into many model calls, more tokens, and higher cost per ticket
How a single alert multiplies into runaway token cost across an agentic investigation.

The cost now rides on consumption, meaning tokens the model reads and writes. When attacker activity spikes, your agents work harder, and the meter spins faster.

One alert is rarely one model call. A modern agentic AI SOC can chain many calls to investigate a single event. More calls means more tokens, and more tokens means more cost per ticket.

When an agent goes sideways

This is the part that scares finance. What you budgeted for a full year of token capacity, an agent going sideways could consume in a week. I have watched it happen, and it is not a slow drift.

What actually decides who pays

Here is the payoff, and it is the whole point of this guide. The market does not decide who absorbs that volatility. Your contract does.

A fatigued board is already questioning whether security capital is spent well. The leaders who win that room translate cyber risk into plain financial exposure. This is the volatility transparent providers like UnderDefense design against, and the rest of this article shows you how to read for it, the same discipline behind our MDR service.

Q2: How is an AI SOC contract priced, and what does one alert actually cost?

An AI SOC contract governs a managed or co-managed service where AI agents triage and investigate alerts. It is priced five ways: per-token or pass-through, per-action, tiered with overage, hybrid, or flat-rate with a fair-use cap. Cost rides on input and output tokens, billed per million and sometimes discounted for cached or batched calls. One alert can need 100-plus model calls, so the honest unit is cost-per-investigated-alert.

The five pricing models, in plain English

Maturity tiers of AI SOC pricing models from per-token up to flat-rate with fair-use cap by predictability
Five AI SOC pricing models, climbing from least predictable to most budget-safe.

Let me define the contract first. An AI SOC contract is the agreement that sets how an outside team and its AI agents detect, triage, and investigate threats for you. The pricing model inside it decides how predictable your year looks.

The billable unit is the token, a chunk of text the model reads (input) or writes (output). Vendors price these per million tokens, and output usually costs more than input. Some discount cached or batched calls to soften the bill.

How the models compare for a security buyer

Here is how the five models compare for a security buyer.

AI SOC Pricing Models Compared
Pricing model Budget predictability Cost-overrun risk Best-fit buyer
Per-token / pass-through Low High Heavy engineering teams who want raw control
Per-action (per alert, per response) Medium Medium Teams with steady, known alert volume
Tiered with overage Medium Medium to high Predictable base load, occasional spikes
Hybrid (base fee plus usage) Medium to high Medium Most mid-market SOCs
Flat-rate with fair-use cap High Low Buyers who need a fixed annual number

What one alert really costs

Now the part vendors rarely show you. At a typical alert, an agentic system can make over 100 distinct model calls to investigate it autonomously. The orchestration is hard, and every call adds tokens.

So the right unit is not the headline price per million tokens. It is cost-per-investigated-alert. I have seen a single agent rack up close to $24,000 because nobody was watching the per-agent meter.

The hidden tax on visibility

Here is my contrarian read, earned from inside the work. Consumption pricing is a quiet tax on security visibility. When you pay per token or per gigabyte, you get nudged to log less and inspect less, which makes you less safe over time.

At UnderDefense, we run toward transparent, flat-with-cap MDR pricing and per-agent token visibility, so you see exactly which agent spends what. My advice for Monday: run a 30-day pilot, measure your token-to-task ratio, and turn that into a real cost-per-investigated-alert before you sign anything, a discipline we walk through in our MDR buyers guide.

Q3: Who pays when the model gets more expensive mid-contract?

It depends entirely on the clause. Under fixed-price terms the vendor absorbs upstream model price hikes. Under an LLM cost pass-through clause you pay the increase, usually after 30 to 60 days notice and limited to the actual cost rise. Model-refresh and re-tuning clauses quietly turn a fixed price into a variable one. The contract, rather than the market, decides who eats the increase.

The verdict comes down to one clause

Branch diagram showing fixed-price clause means vendor pays while pass-through clause means you pay the increase
One clause decides who absorbs a mid-contract model price increase.

I will give you the answer first, then the proof. Read the pricing-adjustment clause before anything else, because that single paragraph decides your downside.

Under a true fixed-price term, the vendor eats any upstream model price increase. Under a pass-through clause, that increase lands on your invoice, normally after a 30 to 60 day notice and capped to the real cost change.

The soft language that hides the trap

The traps hide in softer language. A “model-refresh” or “re-tuning” clause lets a vendor bill you to upgrade or retune agents as models evolve. That quietly converts your fixed price into a variable one.

This is the kind of detail that separates a true SOC service partner from a black-box vendor, and it is worth your time at the table.

A clause-by-clause red-flag map

Contract Clause Red-Flag Map
Clause Who pays under it Negotiation counter
LLM cost pass-through You pay the upstream increase Add a hard cap and a fixed notice window
Model-refresh / re-tuning You pay for upgrades and retuning Make refreshes included or capped per year
Fair-use provision You pay above a usage line Define the line in writing, in your units
Model deprecation / pull You absorb forced migration cost Require notice and a funded migration path

The overlooked exposure: when the model gets pulled

There is a risk most contracts ignore entirely. A provider can deprecate or pull the model your vendor runs on, forcing a migration you did not budget.

My hard-won tactic here is model portability, the ability to bring your own model provider. When you bring your own, you pay outbound costs and manage them through your own AI governance, instead of paying a vendor’s markup.

Portability as a structural hedge

At UnderDefense, we built vendor-agnostic, model-portable workflows as a structural hedge against exactly this kind of pass-through bill shock. You can see how this plays out across our UnderDefense Agentic AI SOC integrations, which keep your detection logic in your own stack.

Q4: Where do the hidden costs hide in an AI vendor contract?

Hidden costs hide in five places: prepaid-credit “use-it-or-lose-it” traps, model-refresh fees, data egress charges, support-tier escalation, and opaque per-unit pricing. Add shadow drivers like data prep, integration overhead across your SIEM and data lakes, hallucination remediation, and roughly 50% year-over-year log-storage growth. The headline rate ends up a fraction of true spend.

The five places the money leaks

The sticker price is the part vendors want you to read. The real total cost of ownership lives in the clauses below it.

Here is where I have watched budgets quietly bleed.

  • Prepaid-credit traps. You buy credits up front, then lose whatever you do not burn by year-end, so unused safety margin becomes pure waste.
  • Model-refresh fees. Every upgrade or retune becomes a billable event instead of a covered one.
  • Data egress charges. Moving your own logs and data out of the platform costs money, which also makes leaving expensive.
  • Support-tier escalation. The help you actually need during an incident sits behind a higher, pricier tier.
  • Opaque per-unit pricing. When the unit is undefined, you cannot model the bill, and you cannot challenge it.

Why ownership of your data matters here

Several of these traps trace back to one root cause, which is who owns your logs and detection logic. Keeping that ownership inside your managed SIEM removes the leverage a vendor needs to charge you on the way out.

The math that takes the board’s breath away

Scale turns small per-unit costs into nightmares. Picture an agent that spends $200 a week per heavy user. Multiply across a 40,000-person enterprise, and you are staring at a line item over $400 million. That number takes you back in your chair.

Storage compounds the problem on its own clock. In real total-cost-of-ownership modeling, you should assume roughly 50% log-storage growth year over year. Your “fixed” platform quietly gets more expensive just by doing its job.

Plan for this in your budget

This is exactly why I tell teams to model storage growth before signing, a step we build into the 2026 cybersecurity budget playbook.

Where the integration and exit costs live

The headline rate also ignores the work to make any of this run. Data prep, integration across your SIEM (your log and alert hub) and data lakes, and hallucination remediation all carry real cost.

One more honest warning. Read the gap between the Order Form and the Terms of Service, because the friendly price sits in one and the painful conditions sit in the other.

Avoid the rebranded “AI” product

Avoid “AI washing,” where a vendor simply renamed an old product and slapped an AI label on it. At UnderDefense, we hold to a model with no ingestion fees and no egress penalties, so high-fidelity logging stays affordable instead of becoming a tier-based tax, which is the same philosophy behind our approach to why businesses switch providers.

Q5: Why do 40% of agentic AI projects get cancelled, and is cost the cause?

Gartner projects that 40% of agentic AI projects will be cancelled by the end of 2027, with escalating, unpredictable cost a leading driver. The root cause is economic. Agentic systems that locally minimize tokens often globally misallocate them, over-routing and over-delegating until the bill outruns the value. Cost overrun, more than capability, ends most of these projects.

The number behind the cancellations

Progress ring showing 40 percent of agentic AI projects projected to be cancelled by end of 2027
Gartner projects 40% of agentic AI projects scrapped, with runaway cost a leading cause.

Gartner’s read is blunt: roughly 4 in 10 agentic AI projects will be scrapped by the end of 2027, and runaway cost is near the top of the list. I have watched this pattern up close, and it rarely starts with bad technology.

It starts with a bill nobody modeled. The pilot looks cheap, the rollout looks fine, then the invoice quietly outgrows the value the agents return, which is why I point teams to our 2026 cybersecurity budget playbook before they commit.

Why “cheap per call” gets expensive fast

Here is the economics, in plain terms. Recent research argues that agentic systems should be designed as token-allocation economies, where every action weighs benefit against cost. Systems that try to be cheap on every single call often misallocate globally, looping, over-delegating, and under-checking their own work.

A peer survey of agentic AI in security flags the same tension. More autonomy adds capability and new failure surfaces at the same time, a dynamic we explore in our look at whether AI kills or saves your SOC team.

The slot-machine problem

Working with these models is like asking a slot machine for tips on hitting the jackpot, because it is a non-deterministic system, meaning the same input can return different output. Spotting that early is exactly the kind of thing we flag in our breakdown of AI SOC red flags.

My contrarian read, earned from inside the SOC: a SOC running at human speed has already lost the race against AI-armed attackers. Speed without cost discipline is exactly how the 40% die. At UnderDefense, we treat human-ally orchestration as the governance layer that keeps agents productive instead of letting them spend you into a cancelled project, the foundation of our UnderDefense Agentic AI SOC AI platform.

Q6: What contract clauses must a CFO insist on before signing?

Before signing, a CFO should insist on five clauses: a hard token and overage cap with real-time alerting, a fixed notice period on any pass-through increase, a clean-exit termination right, ownership of all detection logic on exit, and model portability. The decisive test is one question. If we terminate, do our correlation rules, integrations, and detection logic stay in our SIEM?

Five clauses to redline before you sign

Take this list straight into your next negotiation. Each clause protects your profit and loss statement, your P&L, from a surprise you cannot control later.

  1. A hard token and overage cap with real-time alerting. Set a ceiling, and get pinged before you hit it, so one runaway agent cannot drain the year’s budget.
  2. A fixed notice period on any pass-through increase. Lock 30 to 60 days of warning, in writing, so price changes never blindside the board.
  3. A clean-exit termination right. Define how you leave above a clear threshold, with no punitive trapdoors.
  4. Ownership of all detection logic on exit. Your correlation rules and tuning are your intellectual property, so name that in the contract.
  5. Model portability. Keep the right to bring your own model provider, so you manage costs through your own AI governance.

Where this fits your SLA thinking

These caps work hand in hand with the response commitments you negotiate, which is why I always tie them back to a clear SLA in cybersecurity.

The one test that exposes lock-in

Here is the test I give every CISO before they sign. Ask the vendor directly: “If we terminate this agreement, do all correlation rules, integrations, and detection logic remain in our SIEM?” The answer tells you whether you are buying a service or renting a cage, a distinction we draw out in our managed SIEM work.

One budgeting tip I lean on hard. Map your spend onto the NIST Cybersecurity Framework risk families, the standard categories for managing cyber risk. That one-page visual can be eye-opening, and you may find zero dollars going to proactive work.

Keep your detection logic on the way out

At UnderDefense, we keep this clean by design, so you keep your detection logic and your data on the way out. Traditional MSSP, or managed security service provider, contracts often hold that logic hostage, and that structural lock-in is the cost you feel only when you try to leave, a major reason businesses switch providers.

Q7: How do you cap costs without capping your security?

Cap cost by capping waste, leaving coverage intact. Set per-alert and monthly token budgets with real-time alerting, score token-efficiency and exportable reasoning traces during evaluation, and measure spend as cost-per-ATT&CK-technique-covered. This keeps high-fidelity logging in place while killing a runaway agent before it drains the year’s budget.

Cap the waste, keep the coverage

The fear I hear most is that a cost cap means a security cap. It does not have to. The goal is to cap waste, the loops and redundant calls, while leaving real detection coverage fully intact.

Research on dense reasoning shows the same investigation can cost far fewer tokens depending on how the vendor engineers it. Efficiency is a design choice you are paying for, so make it a scored item in your evaluation, the kind of rigor we bring to our SOC service.

Measure spend in coverage, not tokens

Stop measuring spend in raw tokens. Measure it in cost-per-ATT&CK-technique-covered, tying every dollar to a real attacker behavior you can now catch. ATT&CK is MITRE’s public map of how attackers operate.

AI screening can also shrink your alert queue, but only when it is tuned to your environment. Set per-alert and monthly token budgets with real-time alerts, so a misbehaving agent gets stopped early, the same discipline behind effective SOC automation.

Put a number on coverage

To make this real, I have teams run the math with our SOC cost calculator so coverage and spend sit side by side.

The foot soldiers and the generals

Here is the model I trust. Think of AI agents as your foot soldiers, your human engineers and analysts as the generals directing them, and your senior responders as special forces for the hard missions.

I will say the quiet part out loud. I would rather see a model’s flaws and measure them than trust a vendor’s claim of a flawless black box, because I do not believe flawless models exist.

Transparent per-agent budgets

UnderDefense Agentic AI SOC is built on that foot-soldiers-and-generals model, with transparent per-agent budgets you can audit on the platform.

Q8: Build, buy, or co-manage your AI SOC: which controls cost best?

Building an internal agentic SOC looks cheaper until you price the orchestration. Stabilizing 100-invocation investigations in-house is exponentially harder than it appears, and it rarely scales. Buying transfers that complexity but risks lock-in and pass-through. A co-managed, vendor-agnostic model with your own model governance often controls cost best by pairing transparency with portability.

The complexity paradox of building it yourself

Here is the trap I see smart teams walk into. The most sophisticated organizations have the appetite to do it yourself, yet the difficulty of running a reliable AI agent in-house is exponentially higher than building a normal tool.

Trusting consistent decision-making from AI agents inside one organization is very hard, and I am not convinced it scales as a business model. The orchestration cost, keeping those 100-call investigations stable, is the line item nobody quotes you up front, a tension we unpack in our take on outsourced versus in-house SOC.

Three paths, three trade-offs

Build vs Buy vs Co-Manage for AI SOC Cost Control
Path Cost control Complexity you own Lock-in risk
Build Looks low, hides orchestration cost Very high Low, but fragile
Buy Predictable if capped Low High, plus pass-through
Co-manage Strong with caps and portability Shared Low with clean exit

Buying transfers the hard work, but it can hand you vendor lock-in and pass-through pricing. Co-managing, with a vendor-agnostic partner and your own model governance, tends to control cost best for mid-market teams, which is the core of our MDR service.

A real warning about vendor stability

One more cost nobody models: the vendor that disappears. I have heard the panicked version of this, a buyer rushing legal because their provider was shutting down the following Monday. That forced migration is its own budget event, the kind of risk we weigh in our MDR buyers guide.

What real teams say about the co-managed middle path

“The biggest win for me was getting actual control over our security alerts. The platform itself is straightforward. It pulls in data from all our existing security tools, so we didn’t have to rip and replace anything.”

Verified User in Marketing and Advertising, Small-Business UnderDefense Agentic AI SOC G2 Verified Review

“UnderDefense Agentic AI SOC integrates well with our systems, specifically with our SIEM, Splunk. Their team is proactive in identifying and addressing threats, providing 24/7 oversight.”

Oleg K., Director of Information Security UnderDefense Agentic AI SOC G2 Verified Review

At UnderDefense, we run the co-managed model on purpose, vendor-agnostic and portable, so you get transparency without the cage. For build-versus-buy decisions at mid-market scale, that middle path is where I would start, and our UnderDefense Agentic AI SOC integrations show how it fits your existing stack.

Q9: How do you prove AI SOC value to a fatigued board?

Prove value by translating cyber risk into financial exposure the board already understands: cost-per-technique-covered, analyst hours saved, and dollars recovered. A NIST Cybersecurity Framework one-page budget visual exposes blind spots. Documented outcomes, like 99% noise reduction or a six-figure payroll fraud surfaced during onboarding, turn an AI SOC line item from a cost center into a return story.

The situation: a board that has stopped listening

I have sat in the room where the board has gone quiet on security spend. They are fatigued, and they keep asking the same thing. Is this money actually doing anything?

The leaders who break through stop speaking in alerts and start speaking in financial exposure. They translate risk into dollars the board already manages every quarter, the same framing we use across our virtual CISO advisory.

The complication: proof the board can feel

Abstract security wins do not move a finance committee. Concrete dollars do, and sometimes they show up from unexpected places.

One outcome I keep coming back to: a team saved roughly $300,000 in the first three months because the rollout accidentally surfaced a payroll fraud during onboarding. That was not even a cyber attack, yet it paid for the program. Pair that with hard operating numbers, and the story writes itself, much like our SIEM and SOC engagement that avoided a $650K loss.

“They’ve also made our audit process much less painful. The reports from their platform give us clear evidence of our security controls. Worth every penny for us.”

Verified User in Marketing and Advertising, Small-Business UnderDefense Agentic AI SOC G2 Verified Review

“We love the monthly report. We gain valuable insights into security posture and incidents, and share them with the board of directors.”

Yaroslava K., IT Project Manager UnderDefense Agentic AI SOC G2 Verified Review

The resolution: caps as the board’s safety net

Here is how I would close the board update. Map spend onto the NIST framework risk families, show the blind spots, and present documented results like strong noise reduction and clear analyst hours saved, the discipline we build into our SOC metrics reporting.

Name the cancellation risk directly

Then name the elephant. Gartner expects 40% of agentic AI projects to be cancelled by the end of 2027, mostly on cost. Present your hard caps as the safety net that keeps you out of that 40%.

At UnderDefense, our ROI reporting and concierge response give boards the auditable proof layer they keep asking me for, backed by our MDR service. Time is the currency of the cloud, and you can lose your reputation at light speed, so showing the math early is the cheapest insurance you have.

Q10: What does transparent AI SOC pricing look like in practice?

Transparent AI SOC pricing means a predictable fee, visible per-agent token meters, no ingestion or egress penalties, and a clean exit with your detection logic intact. In practice it pairs fast service, a 2-minute alert-to-triage and a 15-minute escalation for critical incidents, with outcomes you can show a board. That ends the era of the surprise invoice.

The situation: pricing you can actually read

Most buyers come to me after a billing surprise. They want a number they can defend to finance, and a contract they can read without a lawyer translating every line.

Transparent pricing is concrete. You get a predictable fee, per-agent token meters you can watch, no penalty for ingesting your own logs, and your detection logic stays yours when you leave, the model behind our published MDR pricing.

The complication: where vendor-locked models pinch

Here is the honest comparison, structured the way I would walk a CISO through it.

  • ✅ UnderDefense is vendor-agnostic, so it pulls from your existing tools instead of forcing a rip-and-replace.
  • ✅ Our concierge response gives you a 2-minute alert-to-triage and a 15-minute escalation for critical incidents, two distinct commitments, kept separate.
  • ❌ Traditional MDR, or managed detection and response, often locks you to one stack and holds your detection logic on exit.
  • ✅ We detect and respond with full context, so an escalation arrives with the why attached.
  • ❌ Opaque, consumption-based pricing and black-box investigation hide the bill until renewal.

Buyers feel the lock-in pain in their own words across review sites, and it is a recurring theme among teams evaluating MDR competitors.

“We didn’t have to rip and replace anything. When they escalate something, they include the context we need to understand the issue quickly.”

Verified User in Marketing and Advertising, Small-Business UnderDefense Agentic AI SOC G2 Verified Review

“It’s reassuring to know they’re always watching for threats, and it doesn’t cost a fortune. The platform works really well with our other security tools.”

Serhii B., Chief Information Security Officer UnderDefense Agentic AI SOC G2 Verified Review

The resolution: fewer glasses of pain

My read on the next 18 to 24 months: the winning AI SOC will give you fewer glasses of pain, instead of another opaque single pane. Being a human is a flex in 2026, and the human-ally model is what keeps agents honest and budgets predictable, a view we expand on in our piece on conversational SOCs.

Tell us what you are protecting

UnderDefense Agentic AI SOC runs that AI SOC plus human-ally model, vendor-agnostic, with transparent pricing and concierge response on the platform. So here is the question I am sitting with, and I would genuinely like your answer: what are you protecting, and what would a contract you could read like a CFO actually need to say? Tell us what you are building, and we will help you read the paper before you sign it.

See how UnderDefense Agentic AI SOC resolves a real incident on your stack.

1. Why did our AI SOC invoice suddenly become unpredictable?

Your invoice moved from a flat seat fee to variable, per-token consumption, so cost now scales with attacker activity and agent behavior instead of headcount.

Here is what changed under the hood:

  • One alert is rarely one model call. A modern agentic system can chain 100-plus calls to investigate a single event.
  • More calls means more tokens, and more tokens means more cost per ticket.
  • A single misbehaving agent can burn a year’s token budget in a week.

So the line item climbs, and nobody on the team can explain why. We have watched a fatigued board start reading these contracts line by line because the number moves every day.

The market does not decide who absorbs that volatility. Your contract does. We design against this with transparent, predictable pricing as part of our MDR service, so you can model the year instead of bracing for a surprise. We also walk teams through the variables before they commit in our 2026 cybersecurity budget playbook.

2. How is an AI SOC contract priced, and what does one alert really cost?

An AI SOC contract governs a managed or co-managed service where AI agents triage and investigate alerts. We see it priced five ways.

  • Per-token or pass-through, lowest predictability and highest overrun risk.
  • Per-action, billed per alert or per response.
  • Tiered with overage charges above a threshold.
  • Hybrid, a base fee plus usage.
  • Flat-rate with a fair-use cap, the most predictable.

The billable unit is the token, a chunk of text the model reads (input) or writes (output). Vendors price these per million tokens, and output usually costs more than input.

Because one alert can need 100-plus model calls, the honest unit is cost-per-investigated-alert, not the headline rate. We have seen a single agent rack up close to $24,000 when nobody watched the per-agent meter.

Our advice is simple: run a 30-day pilot, measure your token-to-task ratio, and derive a real cost-per-investigated-alert. We help teams pressure-test these numbers in our MDR buyers guide before any signature.

3. Who pays when the model gets more expensive mid-contract?

It depends entirely on the clause, so read the pricing-adjustment paragraph before anything else.

  • Under a true fixed-price term, the vendor absorbs any upstream LLM price increase.
  • Under an LLM cost pass-through clause, that increase lands on your invoice, usually after 30 to 60 days notice and capped to the real cost rise.
  • Model-refresh and re-tuning clauses quietly turn a fixed price into a variable one, because every upgrade becomes billable.

There is also a risk most contracts ignore: a provider can deprecate or pull the model your vendor runs on, forcing a migration you never budgeted.

The contract, rather than the market, decides who eats the increase. Our hedge is model portability, the right to bring your own model provider so you manage outbound costs through your own AI governance. We built vendor-agnostic, portable workflows into our MAXI integrations for exactly this reason, and we explain why structural lock-in drives so many teams to switch providers.

4. Where do hidden costs hide in an AI vendor contract?

The sticker price is the part vendors want you to read. The real total cost of ownership lives in the clauses below it.

We have watched budgets quietly bleed in five places:

  • Prepaid-credit traps, where unused credits expire and become pure waste.
  • Model-refresh fees, billing you for upgrades and retuning.
  • Data egress charges, which make moving your own logs out expensive.
  • Support-tier escalation, where incident help sits behind a pricier tier.
  • Opaque per-unit pricing you cannot model or challenge.

Then add shadow drivers: data prep, integration overhead across your SIEM and data lakes, hallucination remediation, and roughly 50% year-over-year log-storage growth.

Read the gap between the Order Form and the Terms of Service, because the friendly price sits in one and the painful conditions sit in the other. We hold to a model with no ingestion fees and no egress penalties, so high-fidelity logging stays affordable instead of becoming a tax. You can see that transparency in our published MDR pricing.

5. What contract clauses must a CFO insist on before signing an AI SOC deal?

Before signing, we tell every CFO to redline five clauses, because each one protects your profit and loss statement from a surprise you cannot control later.

  • A hard token and overage cap with real-time alerting, so one runaway agent cannot drain the year’s budget.
  • A fixed notice period on any pass-through increase, 30 to 60 days in writing.
  • A clean-exit termination right with no punitive trapdoors.
  • Ownership of all detection logic on exit, since your correlation rules are your intellectual property.
  • Model portability, so you keep the right to bring your own model provider.

The decisive test is one question to ask directly: if we terminate, do all correlation rules, integrations, and detection logic remain in our SIEM?

We keep this clean by design, so you keep your detection logic and data on the way out, the opposite of the lock-in baked into many legacy contracts. You can see how that ownership stays with you in our managed SIEM approach.

6. How do we cap AI SOC costs without capping our security coverage?

The fear we hear most is that a cost cap means a security cap. It does not have to. The goal is to cap waste, the loops and redundant calls, while leaving real detection coverage fully intact.

Here is what we recommend:

  • Set per-alert and monthly token budgets with real-time alerting, so a misbehaving agent gets stopped early.
  • Score token-efficiency and exportable reasoning traces during evaluation, because efficiency is a design choice you are paying for.
  • Measure spend as cost-per-ATT&CK-technique-covered, tying every dollar to a real attacker behavior you can now catch.

We think of AI agents as foot soldiers, human engineers and analysts as the generals directing them, and senior responders as special forces for the hard missions. That model keeps automation honest and budgets predictable.

UnderDefense MAXI runs on transparent per-agent budgets you can audit, and you can explore that on the platform. To put real numbers behind coverage and spend, teams use our SOC cost calculator.

7. Why do 40% of agentic AI projects get cancelled, and is cost the cause?

Gartner projects that 40% of agentic AI projects will be cancelled by the end of 2027, with escalating, unpredictable cost a leading driver. We have watched this pattern, and it rarely starts with bad technology.

It starts with a bill nobody modeled. The pilot looks cheap, the rollout looks fine, then the invoice quietly outgrows the value the agents return.

The root cause is economic:

  • Agentic systems that try to be cheap on every single call often misallocate globally, looping, over-delegating, and under-checking their own work.
  • More autonomy adds capability and new failure surfaces at the same time.
  • These are non-deterministic systems, so the same input can return different output.

A SOC running at human speed has already lost the race against AI-armed attackers, but speed without cost discipline is exactly how the 40% die. We treat human-ally orchestration as the governance layer that keeps agents productive, which is the foundation of our MAXI AI platform. We also flag the warning signs in our breakdown of AI SOC red flags.

8. Should we build, buy, or co-manage our AI SOC to control cost best?

Building an internal agentic SOC looks cheaper until you price the orchestration. Stabilizing 100-invocation investigations in-house is exponentially harder than it appears, and it rarely scales.

Here is how we frame the three paths:

  • Build looks low-cost but hides orchestration complexity and is fragile to maintain.
  • Buy transfers the hard work but risks vendor lock-in and pass-through pricing.
  • Co-manage, with a vendor-agnostic partner and your own model governance, tends to control cost best through transparency and portability.

One cost nobody models is the vendor that disappears. We have heard the panicked version of this, a buyer rushing legal because their provider was shutting down the following Monday. That forced migration is its own budget event.

We run the co-managed model on purpose, vendor-agnostic and portable, so you get transparency without the cage. For mid-market teams weighing this decision, that middle path is where we would start, and we compare the trade-offs in our view on outsourced versus in-house SOC.

Nazar Tymoshyk

Nazar Tymoshyk

CEO and the driving force behind UnderDefense

Nazar Tymoshyk is a visionary cybersecurity expert with extensive industry experience, holding a Ph.D. in Information Security, an MBA, and a degree in Computer/Information Technology Administration and Management.

Nazar’s contributions to cybersecurity have earned him recognition as a respected leader in the field. His insights have been featured in leading publications, including The Wall Street Journal, TechCrunch, and TechRepublic.

As the founder of UnderDefense, Nazar has demonstrated exceptional leadership, growing the company into a recognized provider of advanced cybersecurity solutions known for its innovative approach and strong commitment to client success. His mission is to transform how businesses approach cybersecurity by delivering tailored solutions for every stage of growth.

Nazar’s dedication to national cybersecurity also led him to serve in CERT-UA, where he played a key role in strengthening Ukraine’s cyber defense capabilities.

Ready to protect your company with Underdefense MDR?

Related Articles

See All Blog Posts