SentinelOne Introduces Autonomous Security Capabilities

By Stefania Viscusi

AI-powered security solutions provider SentinelOne introduced new capabilities within its Singularity Platform to empower enterprises of all sizes with top-tier Security Operations Center (SOC) capabilities through AI and automation.

“Imagine a future where security solutions not only help enterprises respond to threats, but anticipate and mitigate them before they lead to a security incident. This is the future we are creating at SentinelOne,” said Tomer Weingarten, CEO of SentinelOne. “Our solutions are designed to transform how security teams manage the complexity of their environments and defend threats. With our latest innovations, customers can move from the reactive operating paradigm of today and enable a predictive and autonomous future.”

Central to the initiative is Purple AI, an advanced AI security solution integrated within the Singularity Platform. Purple AI goes beyond traditional chatbot or virtual assistant functionalities by leveraging AI and natural language processing to create complex data queries and anticipate security analysts' needs. It provides intelligent response recommendations and automates threat investigations.
 

Key features of Purple AI include AI-powered anomaly detection, automated alert triage, intelligent response recommendations, hyper automation rules, and 24/7 auto-investigations, so security teams can validate and mitigate threats at scale.

“It’s no secret that security teams are overwhelmed with data, alerts and labor-intensive triage,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “Purple AI doesn’t just do what you ask it to, it does what you need it to.”

“For years, security vendors have claimed unified dashboards and a single pane of glass. SentinelOne’s Singularity Operations Center delivers on that promise and represents a massive leap forward in simplifying the analyst experience by unifying alert triage and workflows across all event collections,” Smith said.

In addition, SentinelOne's partnership with Mandiant (part of Google Cloud) brings threat intelligence into the Singularity Platform. This integration enhances security insights with detailed adversarial Tactics, Techniques, and Procedures (TTPs), enriches security alerts, and boosts threat hunting capabilities.

The Singularity Platform's new unified security console, the Singularity Operations Center, consolidates security management by offering unified alerts, inventory management, a correlation engine, and a contextualized Singularity Graph for streamlined detection, triage, and investigation.

Both Purple AI and the Singularity Platform leverage the Singularity Data Lake, built on the Open Cybersecurity Schema Framework (OCSF), to ingest, normalize, process, and store telemetry data from any source. Critical issues are escalated for analyst attention, enabling comprehensive threat detection and response capabilities.

“Having all of the data is one problem. Being able to process it fast enough to find the insights with enough time to action them is something else entirely,” Smith said. “The combination of the Singularity Data Lake and Purple AI removes much of this burden through automation, empowering the SOC to focus on the most critical task - keeping the organization safe.”




Edited by Greg Tavarez