SentinelOne unveils new autonomous security capabilities in the Singularity platform

SentinelOne has introduced new capabilities within its AI-powered Singularity Platform designed to make advanced cybersecurity operations accessible to companies of all sizes.

“Imagine a future where security solutions not only help enterprises respond to threats, but anticipate and mitigate them before they lead to a security incident. This is the future we are creating at SentinelOne,” said Tomer Weingarten, CEO of SentinelOne. “Our solutions are designed to transform how security teams manage the complexity of their environments and defend threats. With our latest innovations, customers can move from the reactive operating paradigm of today and enable a predictive and autonomous future.”

SentinelOne aims to democratise cybersecurity through AI and automation, enabling every enterprise to operate at the same scale, speed and sophistication, regardless of budgets and resources. By combining the visibility of the Singularity Platform and the breadth and scale of the Singularity Data Lake, Purple AI provides an always-on, expert analyst to augment the skills of any security team and enhance their capabilities.

“It’s no secret that security teams are overwhelmed with data, alerts and labour-intensive triage,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “Purple AI doesn’t just do what you ask it to, it does what you need it to.”

Beyond a chatbot or virtual assistant, Purple AI is an advanced AI security solution that not only creates complex data queries from natural language, but anticipates what security analysts need to do and recommends next steps. Key features demonstrated and in use today include:

• AI-powered anomaly detection: Purple AI surfaces correlated risks from integrated log sources.
• Automated alert triage: The technology analyses trillions of anonymised data signals at a global scale to evaluate how security analysts assess and respond to similar alerts, and provides automated verdicts and recommended actions.
• AI-powered response recommendations and hyper automation rules: Using global similarity analyses, Purple AI provides intelligent response recommendations based on how others have responded to similar alerts, along with smart recommendations for turning those actions into hyper automation rules that put response actions in autonomous mode.
• 24/7 Auto-investigations: Through zero-touch auto-investigation capabilities, Purple AI eliminates the need for human-driven investigations and empowers security teams to focus on validating and mitigating threats at scale.

All current and future Purple AI capabilities are deeply embedded across the Singularity Platform and accessible via a new unified security console, the Singularity Operations Centre.

“For years, security vendors have claimed unified dashboards and a single pane of glass. SentinelOne’s Singularity Operations Centre delivers on that promise and represents a massive leap forward in simplifying the analyst experience by unifying alert triage and workflows across all event collections,” Smith said.

Now generally available, the Operations Centre consolidates security management with unified alerts, inventory management, correlation engine, and a contextualised Singularity Graph to accelerate detection, triage, and investigation.

“For the first time, security analysts of any level can benefit from the tools, velocity, and performance once reserved for the largest organisations and budgets,” Smith added.

Both Purple AI and the Singularity Platform have the unified Singularity Data Lake at their core. The data lake is built on the Open Cybersecurity Schema Framework (OCSF): telemetry is rapidly ingested from any source, normalised, processed, and stored, with critical issues escalated for analyst attention.

“Having all of the data is one problem. Being able to process it fast enough to find the insights with enough time to action them is something else entirely,” Smith said. “The combination of the Singularity Data Lake and Purple AI removes much of this burden through automation, empowering the SOC to focus on the most critical task – keeping the organisation safe.”

Steve McDowell, Chief Analyst at NAND Research, said: “The combination of AI, data and autonomous capabilities in a single platform is powerful. Generative AI gives you a window into everything that’s happening across your environment and allows you to have a real, data-driven conversation with your infrastructure. Combining that with a unified data lake and platform-driven approach can accelerate and simplify how you protect the enterprise.”