Nearly a year ago, SentinelOne introduced Purple AI, a generative AI dedicated to threat-hunting, analysis and response. This was huge because it was one of the first instances we saw of generative AI designed for this purpose.
Purple AI is a security tool that combines different AI models, some created in-house and some from public sources. It helps security analysts work faster by using a conversational interface. Analysts can ask Purple AI questions and get help with finding, understanding and stopping security threats.
Previously, Purple AI was delivered as part of SentinelOne’s threat-hunting experience and was available in limited preview. Now, Purple AI is generally available.
With Purple AI, available in all global regions, security teams simplify complex queries and streamline investigations with natural language translations. Purple AI supports the Open Cybersecurity Schema Framework, so analysts have a single normalized view of native and partner data.
Security teams also find and mitigate hidden risk across their environment with pre-populated Purple AI Threat Hunting Quick Starts to launch investigations with a single click. They also drive down mean time to respond and time to investigate with suggested next queries and intelligent summarized results in natural language.
Additionally, Purple AI allows security teams to easily collaborate with shared, exportable investigation notebooks and auto-generated emails.
“The average enterprise security team receives north of 1,000 alerts per day that require investigation. The same teams must also proactively hunt for threats that evade detection,” said Ric Smith, chief product and technology officer, SentinelOne. “With Purple AI, SentinelOne is delivering the industry’s most advanced GenAI security technology to help detect threats earlier, respond faster and stay ahead of attacks in an efficient, scalable way.”
Early adopters of Purple AI report executing hunts 80% faster, and innovative companies are already taking advantage of this technology to empower their security teams and stay ahead of threats.
In terms of specific use cases, John McLeod, security chief at NOV, an energy solutions company, says Purple AI lets his team find information in their security logs much faster. They can ask questions, get suggestions for what to ask next and see summaries of the data, all in a short amount of time. This allows them to respond to security incidents more quickly.
Ryan Mason, who works on cyber incident response at NOV, agrees. He says Purple AI's "Notebooks" feature saves him time building queries to hunt for threats. The system turns prompts into clear summaries and tables, improves existing queries and even suggests what to ask next to find answers quickly.
Purple AI is available today in all global regions.
Edited by Greg Tavarez