Infosec2024 decodes SentinelOne’s AI threat hunting assistant at #Infosec2024

TLDR:

• SentinelOne’s new AI tool, Purple AI, aims to democratize threat hunting for cybersecurity professionals.
• The tool will be showcased at Infosecurity Europe 2024 through a ‘Man vs Machine’ live demonstration.

Artificial intelligence has become a game-changer in the cybersecurity landscape, with both attackers and defenders leveraging its power. SentinelOne’s Purple AI aims to make threat hunting more accessible for cybersecurity professionals by speeding up the work of analysts and simplifying the process for others. The tool will be showcased at Infosecurity Europe 2024 through a live ‘Man vs Machine’ threat-hunting competition.

During the competition, a skilled security analyst will use SentinelOne’s platform and PowerQuery language, while a non-skilled hunter will utilize Purple AI’s natural language capabilities. The tool allows users to ask questions in English and quickly gather relevant threat data, making it easier for even those with limited security skills to start threat hunting.

Purple AI’s capabilities go beyond endpoint detection and response (EDR) solutions, extending to analyzing data from cloud sources like AWS and Microsoft Azure logs. The tool aims to embed itself seamlessly into users’ workflows, providing security analytics at their fingertips. With features like AI-powered ‘AI Security Analyst’ and complex data query capabilities, Purple AI is set to revolutionize threat hunting for cybersecurity professionals of all skill levels.