SentinelOne 'revolutionises' cybersecurity with Purple AI

AI security analyst radically transforms threat investigations and response with simple, one-click hunting, suggested queries, and auto-generated reports, empowering security teams to deliver new levels of defence, savings, and efficiencies.

Tuesday, 16th April 2024, by Phil Alsop

SentinelOne is breaking new ground with the general availability of Purple AI, a transformative AI security analyst designed to unlock the full potential of security teams, empowering them to save time and money by radically simplifying and accelerating threat hunting, investigations, and response.

“The average enterprise security team receives north of 1,000 alerts per day that require investigation. The same teams must also proactively hunt for threats that evade detection. They are overworked and understaffed and in dire need of help to keep pace,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “With Purple AI, SentinelOne is delivering the industry’s most advanced GenAI security technology to help detect threats earlier, respond faster, and stay ahead of attacks in an efficient, scalable way.”

Leading the way

Early adopters of Purple AI report executing hunts 80 percent faster, and innovative companies are already taking advantage of this technology to empower their security teams and stay ahead of threats.

“The security insights provided by Purple AI have surpassed anything PruittHealth had before,” said Richard Bailey, SVP IT, PruittHealth Connect Inc. “Purple AI assists in identifying weaknesses and vulnerabilities, thus bolstering PruittHealth’s overall security. Additionally, it enhances accuracy and reduces human error in data queries, allowing more time for other tasks.”

A force multiplier

Far beyond a security chatbot or console search box, Purple AI is an AI-powered security analyst that radically simplifies threat hunting and investigations by translating natural language into structured queries, automatically querying native and partner data, intelligently summarising results, suggesting follow-on queries in natural language, and saving investigations in collaborative notebooks. With Purple AI, security teams can:

• Simplify complex queries and streamline investigations with natural language translations. Purple AI is the only AI security analyst that supports the Open Cybersecurity Schema Framework, so analysts have a single normalised view of native and partner data.

• Find and mitigate hidden risk across their environment with pre-populated Purple AI Threat Hunting Quick Starts to launch investigations with a single click.

• Drive down mean time to respond and time to investigate with suggested next queries and intelligent summarised results in natural language.

• Easily collaborate with shared, exportable investigation notebooks and auto-generated emails.

Delivering results

With Purple AI, security teams can save time, increase visibility, and maximise resources. Enterprises of all sizes and across industries are tapping its power to streamline and enhance their security operations and bolster their defences.

“Purple AI really increases the efficiency of our team that is focused on log management and SIEM use cases,” said John McLeod, Chief Information Security Officer at energy solutions manufacturer NOV, Inc. “The technology allows them to quickly query data and use suggested next queries and intelligent summaries to get the answers they need in a fraction of the time, reducing our mean time to respond.”

NOV Cyber Incident Response Analyst Ryan Mason can attest to this. “Purple AI's Notebooks help me save time building and organising EDR queries for IR hunting scenarios,” he said. “Prompts are predictably summarised in a narrative and a table, prepared queries can be fine-tuned, and suggested follow-up questions help uncover quick answers.” 
