SentinelOne has enhanced its Purple AI analyst by extending its functionality to third-party platforms, including Zscaler, Palo Alto Networks, Okta, Proofpoint TAP, Fortinet FortiGate, and Microsoft Office 365. This expansion enables security teams to conduct faster and more comprehensive cybersecurity investigations using Purple AI’s capabilities across multiple data sources. Initially launched as an AI assistant within SentinelOne, Purple AI now operates autonomously to simplify threat hunting and accelerate investigations. Purple AI uses the Open Cybersecurity Schema Framework (OCSF) to query normalized data, that is, data reorganized for logical storage. This enables customers to swiftly search both native and external data, identify correlations, and gain insights into their entire security stack.
In addition to third-party integrations, SentinelOne has introduced multilingual support for Purple AI, accommodating queries and summaries in Dutch, Spanish, French, German, and Italian. The tool automates threat prioritization, investigations, and responses, significantly reducing response times from hours to minutes. SentinelOne Vice President Ely Kahn highlighted how Purple AI enhances security operations by stopping sophisticated attacks while maximizing the value of collective security data. For instance, SentinelOne and Zscaler users can analyze Zscaler Security Service Edge logs on the Singularity platform and gain insights into user activity, threats, and policy violations through natural language queries.




















