SentinelOne has launched a suite of AI and automation features to enhance security operations, offering faster threat detection and response.

At OneCon 2024, SentinelOne introduced a set of GenAI-powered tools for its Singularity platform, designed to improve the efficiency of Security Operations Centers (SOC). With challenges like slow detection and alert overload plaguing SOC teams, the new suite focuses on automating workflows, speeding up investigations, and reducing alert fatigue.

The Singularity Hyperautomation tool allows SOC teams to automate security workflows with over 100 integrations and pre-built processes. Its no-code interface enables teams to build custom automations for tasks such as ransomware mitigation and suspicious activity monitoring. By leveraging GenAI, the system generates intelligent playbooks during investigations, helping SOC analysts respond faster and more accurately to threats.

Another key feature is Singularity AI SIEM, which ingests data from multiple sources, including third-party tools, and provides real-time threat detection. Built on a cloud-native architecture, it uses AI to analyze both structured and unstructured data, speeding up investigations while enhancing visibility across the security ecosystem. The integration of AI enables SOC analysts to detect threats faster and automate response processes without manual intervention.

Purple AI adds further value by automating the triage of alerts and running investigations autonomously. It prioritizes alerts using global data analysis, significantly reducing alert fatigue. Purple AI can also kick off investigations and compile evidence automatically, providing recommended actions and reducing the workload on SOC teams.

SentinelOne’s Ultraviolet Security Models further improve threat detection by using domain-specific large language models (LLMs). These models add context and improve reasoning in real time, enhancing the autonomy and accuracy of SOC operations.