The company leverages the Singularity Data Lake and Purple AI to revolutionize security activities through new intelligent capabilities of the Singularity Platform
SentinelOne (NYSE: S), a global leader in AI-powered cybersecurity, today announced new capabilities within the Singularity Platform, designed to make advanced cybersecurity tasks more accessible. At the RSA 2024 conference, the company presented the features that make high-profile Security Operations Centers (SOCs) a concrete reality for companies of all sizes.
"Think of a future where security solutions not only help companies react to threats, but anticipate and mitigate them before they cause a security incident. This is the future we are designing at SentinelOne," said Tomer Weingarten, CEO of SentinelOne. "Our solutions are designed to transform how security teams manage the complexity of their environments and defend against threats. With our latest innovations, customers can move away from today's reactive operating model and enable a predictive, autonomous future."
Today, SentinelOne advances the cybersecurity revolution through AI and process automation, enabling every business to operate at the same scale, speed and sophistication, regardless of budget and resources. When combined with the visibility of the Singularity Platform and the potential and scalability of the Singularity™ Data Lake, Purple AI provides an experienced, always-available analyst to augment any security team's skills and enhance its capabilities.
“It's no secret that security teams are overwhelmed with data, alerts and triage that require hours of work,” says Ric Smith, Chief Product and Technology Officer at SentinelOne. “Purple AI doesn't just do what you ask, it acts accordingly.”
More than a chatbot or virtual assistant, Purple AI is an advanced security AI solution that not only creates complex data queries from natural language, but also anticipates what security analysts need to do and recommends next steps. Key features demonstrated and in use include:
- Anomaly detection with AI: Purple AI surfaces related risks from integrated log sources.
- Automatic triage of alerts: The technology analyzes trillions of anonymized data signals on a global scale to evaluate how security analysts classify and respond to similar alerts and automatically produces results and recommended actions.
- AI-enhanced advice and responses and hyper-automation rules: Using global analog analytics, Purple AI provides intelligent response guidance based on how others have reacted to similar alerts and smart recommendations to turn those actions into hyper-automation rules to make response actions autonomous.
- 24/7 automatic investigations: With zero-touch automated investigation capabilities, Purple AI eliminates the need for human-driven investigations and allows security teams to focus on verifying and mitigating threats at scale.
All current and future Purple AI capabilities are seamlessly integrated into the Singularity platform and accessible through a new unified security console, the Singularity Operations Center.
"For years, security vendors have called for unified dashboards and a single pane of glass. SentinelOne's Singularity Operations Center delivers on this claim and offers a giant leap forward in simplifying analysts' jobs by unifying alert triage and workflows across each intelligence collection," Smith continued.
Now available globally, Operations Center consolidates security management with unified alerting, inventory management, correlation engine and a contextualized Singularity Graph to accelerate detection, triage and investigation.
“For the first time, security analysts of all levels can benefit from the tools, speed and performance once reserved for organizations with larger budgets,” Smith added.
Both Purple AI and Singularity Platform have the unified Singularity Data Lake at their core. The data lake is built on the Open Cybersecurity Schema Framework (OCSF): telemetry is rapidly captured from any source, normalized, processed and archived, while critical issues are brought to the attention of analysts.
"Having all the data can be a problem. Being able to process it fast enough to find the insights with enough time to act is another thing," Smith said. “The combination of Singularity Data Lake and Purple AI eliminates much of this burden through automation, allowing the SOC to focus on the most critical task: keeping the organization safe.”
Epochal turning point for the SOC
“The synergy between AI, data and autonomous functionality in a single platform is powerful,” said Steve McDowell, Chief Analyst at NAND Research. "Generative AI gives you perspective on everything that's happening in your environment and allows you to have true data-driven communication with your infrastructure. Combining this with a unified data lake and a platform-driven approach can accelerate and simplify business protection."
Act now to protect tomorrow
To learn more about SentinelOne's advanced AI-powered cybersecurity platform and how it can help every organization secure the future, click here.






