EliseAI is a leader in AI for the housing and healthcare industries, two sectors where protecting customer data is paramount. As the company scaled rapidly, Senior Security Engineers Jake Skinner and Winston Laoh faced a familiar problem: the attack surface was growing faster than the team could.
"We were rapidly expanding, constantly adding more tools to our arsenal to defend our customer's data. And every single tool required monitoring, configuration, and handholding. We needed something that could keep up." — Winston
EliseAI partnered with Cotool to build an autonomous, AI-driven security layer. The ultimate outcomes were faster investigations, broader detection coverage, and a lean team that operates with the reach of a much larger one.
When manual work can't keep pace
Before Cotool, every investigation was a manual process. The team spent hours sifting through logs across multiple tools, manually collating data, and piecing together context before they could even begin to make a decision.
"Investigations took a lot of time. Sifting through logs, trying to figure out what's going on. That really wasn't sustainable as we scaled." — Jake
"It was really manual. A lot of time was spent collecting data from various tools and trying to collate everything together." — Winston
As EliseAI's headcount and client base grew, so did the volume of alerts, phishing attempts, and unusual activity that needed investigation. The team knew they couldn't solve the problem by just hiring more analysts.
"We're in the housing and healthcare industries, so protecting data is one of our biggest priorities. We needed a way to move faster without cutting corners." — Jake
Autonomous triage from day one
Cotool's agents slotted into EliseAI's workflow quickly. Every time a detection rule fires, Cotool takes the first pass: investigating the alert, building context, and routing it to the right person with a full picture already assembled.
"By the time an alert reaches us, Cotool has already investigated, built the context, and triaged it. We make the final call." — Jake
"We have autonomous agents operating 24/7, constantly looking at alerts and only escalating what truly needs a human set of eyes. That's been a great way of reducing costs." — Winston
The impact was immediate and exceeded expectations.
"I had a little bit of skepticism before we rolled Cotool out. Afterwards, it blew me out of the water with all the different things it could do. The biggest bonus was the time I got back." — Jake
Expanding detection coverage automatically
Beyond triage, Cotool became a force multiplier for EliseAI's detection engineering. The platform continuously analyzes the environment, maps coverage against the MITRE ATT&CK framework, and identifies gaps the team didn't know they had.
"Cotool compares our environment to the MITRE ATT&CK framework, shows us exactly where we need more coverage, and then actually builds the detections to close those gaps." — Winston
"Cotool helps us identify gaps in our detection coverage and sometimes fills them in before we even realize they exist." — Jake
For Winston, this environment awareness is one of Cotool's most valuable qualities, and one he didn't fully appreciate until he saw it in action.
"One of the best features is that it's so environment-aware. It's constantly looking at our environment and suggesting additional coverage. It's practically a security analyst that never sleeps." — Winston
Flexibility that lets a lean team punch above its weight
What made Cotool stand out from alternatives was its unopinionated architecture. Rather than forcing EliseAI into a rigid workflow, it gave the team a platform to solve problems on their own terms.
"What made Cotool stand out was its flexibility. We came to it with our problems and it let us solve them without forcing us in any one direction." — Winston
That flexibility means Cotool serves multiple use cases within a single platform. Winston has built agents that detect anomalous cloud access, respond to phishing reports, and triage alerts, work that would traditionally require separate tools.
"I have agents detecting if someone is accessing secrets more often than normal, and on the other side I have it responding to phishing emails. Typically that's two separate tools, but we just built it because Cotool gives us that flexibility." — Winston
For Jake, the ability to encode the team's own expertise into Cotool's agents is what makes the platform special.
"You can encode your expertise into Cotool. It does automated tasks as if you would do them. That's really helped increase our security posture." — Jake
The platform has even found unexpected fans beyond the security team. Engineering began leveraging Cotool to investigate infrastructure changes and debug configuration drift.
"Surprisingly, the team that has really enjoyed it is our engineering team. It's actually a surprisingly good debugging tool for figuring out who pushed specific code or made an infrastructure change." — Winston
What would break without Cotool
When asked what would happen if Cotool were removed tomorrow, both engineers gave the same answer: the team would need to grow, fast. The work Cotool handles today is woven into how the team operates. Losing it wouldn't just slow things down, it would force them to pull time away from the strategic work that actually moves their security posture forward.
"If we removed Cotool, we'd have to take time away from strategic thinking and go back to handling all of that manually. That's not realistic for a company scaling as quickly as we are." — Jake
"We'd have to go back to square one, back to doing everything manually. Cotool handles so much of that for us now." — Winston
Conclusion
With Cotool, EliseAI's security team defends a rapidly growing attack surface across two of the most data-sensitive industries without scaling headcount to match. Investigations that once took hours now resolve in minutes, and detection coverage expands automatically. Now, a lean engineering function operates with the reach and speed of a full SOC.
Cotool didn't just give EliseAI more efficiency. It gave them the confidence to scale security at the same pace as the business.