SentinelOne expands Purple AI with diverse data & language
SentinelOne has introduced a new update that allows its Purple AI security analyst to be integrated with data from popular third-party security solutions.
The initial offerings supported include the Zscaler Zero Trust Exchange platform, Palo Alto Networks Firewall, Okta, Proofpoint TAP, Fortinet FortiGate, and Microsoft Office 365.
SentinelOne's integration allows users to extend the capabilities of Purple AI, which draws on the data and artificial intelligence functionality of the company's Singularity Platform.
In addition to broadening its data source capabilities, SentinelOne has launched multilingual support for Purple AI. This complements the existing English-language interface by adding support for languages such as Spanish, French, German, Italian, Dutch, Arabic, Japanese, Korean, Thai, Malay, and Indonesian, among others.
Ely Kahn, Vice President, Product Management, Cloud Security, AI/ML and Core Platform at SentinelOne, stated, "Purple AI has rapidly become SentinelOne's fastest growing product, and customer uptake and feedback has been incredible."
"Far beyond just a great natural language querying mechanism, Purple AI is automating investigations, prioritising threats, and slashing response times from hours to mere minutes. By extending Purple AI's capabilities across both native and third-party data in Singularity, customers can rapidly stop even the most sophisticated attacks in their tracks, while gaining more value from the full security stack and their collective security data."
The increasing complexity of cybersecurity environments often results in overwhelming alert volumes, fragmentation of data sources, and sophisticated threats which can be missed by security teams.
This integration aims to mitigate those issues by consolidating data and providing a more comprehensive, faster response capability.
SentinelOne's offering is distinguished as the only generative AI security analyst in the industry that utilises the Open Cybersecurity Schema Framework (OCSF).
This feature allows for the ingestion and normalisation of data, which enables simpler and more effective threat hunting and investigation across various data sources.
This capability is exemplified through the joint integration with Zscaler. Customers who use both SentinelOne and Zscaler services can now pull Zscaler logs into the Singularity platform and conduct simplified investigations using natural language queries.
Amit Raikar, Vice President, Technology Alliances and Business Development at Zscaler, commented, "Enriched by the extensive telemetry from Zscaler, the integration with SentinelOne significantly enhances the ability for SOC teams to leverage AI for threat hunting and complex investigations."
"Together, we're focused on helping customers strengthen their zero trust security in an increasingly complex risk environment, where closing gaps in hunting coverage with unprecedented speed and ease is more crucial than ever."
This expansion of SentinelOne's capabilities to incorporate third-party data sources is now available for all Purple AI customers, while the multilingual support is open for early access for existing customers.