SentinelOne 'revolutionises' cybersecurity with Purple AI

AI security analyst radically transforms threat investigations and response with simple, one-click hunting, suggested queries, and auto-generated reports, empowering security teams to deliver new levels of defence, savings, and efficiencies.

  • 7 months ago Posted in

SentinelOne is breaking new ground with the general availability of Purple AI, a transformative AI security analyst designed to unlock the full potential of security teams, empowering them to save time and money by radically simplifying and accelerating threat hunting, investigations, and response.

“The average enterprise security team receives north of 1,000 alerts per day that require investigation. The same teams must also proactively hunt for threats that evade detection. They are overworked and understaffed and in dire need of help to keep pace,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “With Purple AI , SentinelOne is delivering the industry’s most advanced GenAI security technology to help detect threats earlier, respond faster, and stay ahead of attacks in an efficient, scalable way.”

Leading the way

Early adopters of Purple AI report executing hunts 80 percent faster, and innovative companies are already taking advantage of this technology to empower their security teams and stay ahead of threats.

“The security insights provided by Purple AI have surpassed anything PruittHealth had before,” said Richard Bailey, SVP IT, PruittHealth Connect Inc . “PurpleAI assists in identifying weaknesses and vulnerabilities, thus bolstering PruittHealth’s overall security. Additionally, it enhances accuracy and reduces human error in data queries, allowing more time for other tasks.”

A force multiplier

Far beyond a security chatbot or console search box, Purple AI is an AI-powered security analyst that radically simplifies threat hunting and investigations by translating natural language into structured queries, automatically querying native and partner data, intelligently summarising results and suggesting follow-on queries in natural language and saving investigations in collaborative notebooks. With Purple AI, security teams can:

• Simplify complex queries and streamline investigations with natural language translations. Purple AI is the only AI security analyst that supports the Open Cybersecurity Schema Framework, so analysts have a single normalised view of native and partner data.

• Find and mitigate hidden risk across their environment with pre-populated Purple AI Threat Hunting Quick Starts to launch investigations with a single click.

• Drive down mean time to respond and time to investigate with suggested next queries and intelligent summarised results in natural language.

• Easily collaborate with shared, exportable investigation notebooks and auto-generated emails.

Delivering results

With Purple AI, security teams can save time, increase visibility, and maximise resources, and enterprises of all sizes, across industries are tapping its power to streamline and enhance their security operations and bolster their defences.

“Purple AI really increases the efficiency of our team that is focused on log management and SIEM use cases,” said John McLeod, Chief Information Security Officer at energy solutions manufacturer NOV, Inc. “The technology allows them to quickly query data and use suggested next queries and intelligent summaries to get the answers they need in a fraction of the time, reducing our mean time to respond.”

NOV Cyber Incident Response Analyst Ryan Mason can attest to this. “Purple AI's Notebooks help me save time building and organising EDR queries for IR hunting scenarios,” he said. “Prompts are predictably summarised in a narrative and a table, prepared queries can be fine-tuned, and suggested follow-up questions help uncover quick answers.” 

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...