IT Brief India - Technology news for CIOs & IT decision-makers
SentinelOne launches Purple AI Athena to boost SOC automation

Today

SentinelOne has announced the introduction of new agentic artificial intelligence capabilities as part of its latest Purple AI Athena release.

The release of Purple AI Athena introduces features aimed at automating and accelerating security operations tasks that are typically undertaken by Security Operations Centre (SOC) analysts, including the triaging, investigation, and remediation of security threats.

These capabilities are designed to support increasingly overstretched security operations teams by reducing the mean time to respond (MTTR) and mitigating alert fatigue.

According to the details disclosed, Purple AI Athena leverages AI that mimics the iterative thinking processes and deductive reasoning of experienced SOC analysts.

The underlying system uses SentinelOne's security models and agentic framework to run investigations of suspicious activity across multiple data sources. By orchestrating multi-step response actions, it aims to remediate threats in seconds, where more traditional approaches can take hours.

The AI is reported to be fine-tuned through an advanced combination of neural networks working across trillions of security-relevant data points.

This architecture is bolstered by a global network of security professionals who provide continuous feedback, resulting in what SentinelOne describes as a scalable approach to autonomous security operations. The platform's Auto Triage feature applies deep security reasoning to conduct similarity analysis on alerts, identifying and prioritising those more likely to be true positives. Auto Triage is stated as being made generally available with the new release.

The Purple AI Athena release also features full-loop remediation and response, powered by what the company refers to as Singularity Hyperautomation. The agentic AI system within Purple AI employs no-code workflow capabilities, automatically creating detection rules and transforming insights from investigations into autonomous processes. It provides security teams with result summaries and prompts analysts to convert tasks and insights into reusable automation workflows. These workflows reportedly enable the system to investigate and resolve alerts, learning and improving remediation actions over time.

This is intended to take security operations beyond basic, rules-based automation towards more comprehensive, orchestrated responses to threats.

Another significant component of the announcement is the data-agnostic integration feature.

With this release, security operations teams can directly use Purple AI with third-party Security Information and Event Management (SIEM) systems and security data lakes without the need for data migration.

Alerts are ingested and correlated in real time, after which Purple AI applies streaming analytics and remediation actions. This is intended to enable organisations to avoid incurring additional costs or delays due to data transfers or integration steps, providing immediate access to advanced AI-driven security operations across diverse environments.

SentinelOne states that Purple AI's development has benefited from broad adoption in production environments since its initial unveiling in 2023. The company's proprietary sensor architecture is described as supporting granular, customer-specific tuning of data collected from endpoints and cloud workloads.

This data is processed within SentinelOne's AI-powered SIEM, and the resulting dataset is continuously refined via feedback from SentinelOne's Managed Detection and Response (MDR) team and global partners.

The Purple AI Athena release includes expanded agentic AI capabilities such as AI-powered data integrations, automated threat hunting and detection, auto-triage and investigations, rule creation for new detection scenarios, automated response and reporting, and AI-powered support functions.

Tomer Weingarten, Co-Founder and Chief Executive Officer of SentinelOne, commented, "AI and automation have long held the promise of fundamentally transforming security operations and supercharging analysts to detect and respond – at machine speed – to threats from even the most sophisticated nation state adversaries and cyber criminals. At RSA, we're revealing the industry's first true end-to-end agentic AI cybersecurity platform built on over a decade of security expertise – and we're bringing it to all security data in the modern SOC."

He added, "By delivering agentic AI automation and orchestration capable of reasoning and responding like an advanced security analyst, we believe humans get empowered even more as they assume supervision of these systems - an important role that will also shape the coming generation of security service providers."
