STOCK TITAN

SentinelOne Delivers on Autonomous SOC Vision with Introduction of Singularity Hyperautomation, AI SIEM, and New Purple AI Innovation


SentinelOne, a leader in AI-powered cybersecurity, unveiled innovations at OneCon 2024 to deliver on the vision of the Autonomous Security Operations Center (SOC). The new offerings include:

Singularity Hyperautomation: No-code automation of security workflows with 100+ integrations and pre-built workflows.

Singularity AI SIEM: Cloud-native, no-index SIEM for real-time detection and faster investigation.

Purple AI: Enhanced capabilities for alert triage, hunting, and automated investigations.

Ultraviolet: A family of security LLMs and multimodal models for specific cybersecurity use cases.

These innovations aim to reduce risk, speed decision-making, and free up security teams to focus on high-impact initiatives.


Positive
  • Introduction of Singularity Hyperautomation for no-code automation of security workflows
  • Launch of Singularity AI SIEM for real-time threat detection and faster investigations
  • Enhancement of Purple AI with Auto-Alert Triage and Auto-Investigations capabilities
  • Development of Ultraviolet, a family of specialized security AI models
  • Integration of over 100 third-party tools and dozens of pre-built workflows
Negative
  • None.

Insights

SentinelOne's latest innovations mark a significant leap in autonomous cybersecurity. The introduction of Singularity Hyperautomation with no-code workflow automation and 100+ integrations addresses a critical need in SOCs for efficient threat response. The Singularity AI SIEM leverages AI and automation for real-time threat detection, potentially revolutionizing how SOCs operate.

The enhanced Purple AI capabilities, including Auto-Alert Triage and Auto-Investigations, could substantially reduce alert fatigue and accelerate incident response times. This AI-driven approach to cybersecurity operations aligns with the industry trend towards more intelligent, automated security solutions.

The unveiling of the Ultraviolet family of security models demonstrates SentinelOne's commitment to pushing the boundaries of AI in cybersecurity. These specialized models could provide a competitive edge in specific security use cases, potentially improving detection efficacy and operational efficiency.

Overall, these innovations position SentinelOne as a frontrunner in AI-powered cybersecurity, potentially driving increased market share and customer adoption in the highly competitive cybersecurity market.

SentinelOne's new offerings represent a significant advancement in the application of AI to cybersecurity. The Singularity Hyperautomation platform's no-code approach democratizes automation, potentially accelerating adoption and effectiveness of security workflows across organizations of varying technical expertise.

The AI SIEM solution's use of a no-index architecture for real-time detection on streaming data is particularly innovative. This approach could offer substantial performance improvements over traditional indexed SIEM systems, especially in high-volume environments.

The enhancements to Purple AI, especially the Auto-Alert Triage and Auto-Investigations features, showcase sophisticated applications of generative AI. These features leverage large-scale data analysis and autonomous reasoning, which could significantly reduce human workload in SOCs.

The introduction of the Ultraviolet family of security models is a strategic move. By developing specialized AI models for cybersecurity, SentinelOne is addressing the limitations of general-purpose LLMs in security contexts. This could lead to more accurate and efficient AI-driven security operations, potentially setting a new standard in the industry.

Cybersecurity leader unveils AI and automation breakthroughs at OneCon 2024, powered by data to transform security operations

MOUNTAIN VIEW, Calif. & LAS VEGAS--(BUSINESS WIRE)-- SentinelOne® (NYSE: S), a global leader in AI-powered cybersecurity, today unveiled a suite of innovations designed to deliver on the vision of the Autonomous Security Operations Center (SOC). Built on SentinelOne’s market-leading Singularity™ cybersecurity platform, these innovations empower security leaders to reimagine and revolutionize how they respond to emerging threats in ways that significantly reduce risk, speed decision making and free up their teams to focus on high-impact initiatives.

Introduced at OneCon 2024, SentinelOne’s premier customer and cybersecurity conference, these new innovations set a new bar for AI, automation and data to make the promise of the Autonomous SOC a reality today:

  • Singularity Hyperautomation – No-code automation of security workflows.
  • Singularity AI SIEM – Ingestion and synthesis of all data from across the security ecosystem.
  • Purple AI – Automating alert triage, hunting, and investigations.
  • SentinelOne’s Ultraviolet Family of Security Models – Large language models (LLMs) and multimodal models designed for cybersecurity AI use cases.

“The future of threat detection and response must keep up with the speed and sophistication of adversaries and the realities facing today’s already overstretched SOC teams,” said Ric Smith, President, Product, Technology, and Operations at SentinelOne. “From our founding, SentinelOne has pioneered the use of AI to automate response and remediation of threats for our customers. Today we’re making the promise of the autonomous SOC a reality by unleashing the full power of AI and data, to give customers the speed, intelligence, and scale needed to fend off tomorrow’s threats.”

Singularity Hyperautomation – No-Code Automation of Security Workflows

Singularity Hyperautomation is a new intelligent automation solution built to solve for customers’ unique SOC requirements. It empowers customers by offering over 100 integrations and dozens of out-of-the-box workflows designed to address common cyber threats, such as ransomware mitigation, asset compliance monitoring, and response to suspicious user activity and insider threats. Singularity Hyperautomation features a simple, no-code, drag-and-drop canvas for building custom workflows and automating tasks, along with no-code access to any API to leverage data from any security or IT source.

Built directly into the SentinelOne platform, Singularity Hyperautomation integrates seamlessly into analyst workflows, where automations are intelligently suggested during investigations. It also benefits from the platform and Purple AI to automatically generate playbooks based on peer-driven insights, empowering teams to respond faster and more efficiently. Native integration with Singularity’s endpoint, cloud, identity and AI SIEM capabilities means that security teams can not only automate the remediation of threats across multiple attack surfaces, but also leverage all first-party and third-party data in Singularity to respond to incidents rapidly, with more context and less complexity.

Singularity AI SIEM – Ingestion and Synthesis of All Data from Across the Security Ecosystem

Formally introduced to SentinelOne customers and partners at OneCon 2024, Singularity AI SIEM (Security Information and Event Management) is a cloud-native, no-index SIEM that uses AI and automation capabilities to help reimagine how SOC analysts work. Powered by the highly scalable Singularity Data Lake with always-on hot storage, AI SIEM provides real-time detection on streaming data, while dramatically speeding investigation and response.

Singularity AI SIEM has been built upon an open ecosystem, capable of ingesting structured and unstructured data from not only SentinelOne’s endpoint, cloud and identity security offerings, but also third-party security and IT tools by leveraging the Open Cybersecurity Schema Framework (OCSF) and out-of-the-box integrations. As a result, customers can gain instant, expanded visibility across the entire enterprise environment and automate workflows across multiple tools.

And with AI SIEM and Purple AI, security analysts can harness SentinelOne’s renowned AI-powered autonomous capabilities for real-time detections, generative AI-assisted hunting and investigations, and machine-speed protection against emerging threats.

SentinelOne Purple AI – Automating Alert Triage, Hunting, and Investigations

SentinelOne’s Purple AI security analyst has set the standard for generative AI in cybersecurity since its introduction. Integrated with all aspects of the Singularity Platform, Purple AI translates natural language security questions into structured queries, summarizes event logs and indicators, guides analysts of all levels through complex investigations and scales collaboration with shared investigation notebooks. At OneCon 2024, SentinelOne is raising the bar for generative AI even further through the introduction of new Purple AI capabilities designed to rapidly automate investigations, reduce alert fatigue and stay ahead of attacks.

New Purple AI Auto-Alert Triage prioritizes top alerts and helps to quickly prioritize which alerts need further investigation. Auto-Alert Triage harnesses new Global Alert Analysis to assess thousands of anonymized similar alerts to better determine true positives, and surfaces prioritized ‘Alerts to Investigate’ to reduce alert fatigue and give security teams time back to focus on the most critical tasks that reduce risk.

Purple AI can now also be used to kick off and run autonomous investigations to fast track investigations and response. With the new Purple AI Auto-Investigations capability, Purple AI will take prioritized alerts, automatically compile a list of investigation steps based on the alert in question, independently run the steps and generate a recommended verdict. Evidence collected in the investigation is saved in an auditable and collaborative Purple AI investigation notebook to significantly shrink investigation and reporting times, while giving SOC teams and incident responders the advantage of speed and scale when addressing critical threats.

Introducing SentinelOne’s Ultraviolet Family of Security Models

Over the past three years, the costs of large general-purpose multimodal models have been driven down substantially, while the capability of these models has significantly increased. For cybersecurity-related generative AI applications, these models, coupled with extensive domain knowledge, have proven to be the best approach to building genuinely useful assistant experiences in the security domain. However, there remain areas of cybersecurity-related AI where proprietary models will have decisive advantages.

At OneCon 2024, SentinelOne is unveiling Ultraviolet, SentinelOne’s family of security LLMs and multimodal models that solve for specific security use cases and better support the agentic workflows needed to significantly reduce operational burden.

Ultraviolet will complement the best general purpose models, focusing specifically on unique areas like improving detection efficacy by enabling more context to be considered in real time and improving efficiency of reasoning about security problems to enable greater autonomy where better tuned models stay on task and require substantially fewer tokens to arrive at useful conclusions.

About SentinelOne

SentinelOne is a leading AI-powered cybersecurity platform. Built on the first unified Data Lake, SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations—including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments— trust SentinelOne to Secure Tomorrow™. Learn more at sentinelone.com.

Media Contact:

Karen Master

SentinelOne

Press@sentinelone.com

Source: SentinelOne

FAQ

What new products did SentinelOne (S) announce at OneCon 2024?

SentinelOne announced Singularity Hyperautomation, Singularity AI SIEM, enhanced Purple AI capabilities, and the Ultraviolet family of security AI models at OneCon 2024.

How does Singularity Hyperautomation improve security workflows for SentinelOne (S) customers?

Singularity Hyperautomation offers no-code automation with over 100 integrations and pre-built workflows for common cyber threats, allowing customers to create custom workflows using a drag-and-drop interface.

What are the key features of SentinelOne's (S) new AI SIEM product?

SentinelOne's Singularity AI SIEM is a cloud-native, no-index SIEM that provides real-time detection on streaming data, faster investigation and response, and integration with third-party security tools.

How does Purple AI enhance alert triage and investigations for SentinelOne (S) users?

Purple AI now includes Auto-Alert Triage to prioritize alerts and Auto-Investigations to autonomously compile and run investigation steps, generating recommended verdicts and saving time for security teams.
