- SentinelOne is driven by machine learning algorithms that can spot security breaches as they happen across connected devices, cloud environments, and employee endpoints.
- Teams can ask SentinelOne, for example, to identify any users logged into over 20 endpoints or devices running the nordvpn program, which could be signs of an active attack.
SentinelOne Inc.’s enhanced detection and response technologies now include generative artificial intelligence to help organizations uncover harmful assaults on their IT systems.
The company unveiled a new threat-hunting platform using generative AI to boost the efficiency of security teams at the RSA Conference 2023. It is currently available in a limited preview.
Enterprises use SentinelOne’s well-known XDR platform to find malware inside their computer systems. It is driven by machine learning algorithms that can spot security breaches as they happen across connected devices, cloud environments, and employee endpoints. Security teams can use it to return compromised systems to a previous, more secure state and stop intrusions from causing any significant damage.
A large language model with humanlike conversational capabilities, like ChatGPT from OpenAI LP, is combined with the platform’s existing machine learning algorithms to create the new threat-hunting system. It enables security experts to conduct operational commands and ask complex questions in natural language, giving them the knowledge they need to identify attacks quickly.
For example, teams can ask SentinelOne, to identify any users logged into over 20 endpoints or devices running the nordvpn program, which could be signs of an active attack. They could request to see a list of all company devices communicating with China as an alternative. Depending on the organization, that might be a warning sign that calls for more investigation.
The platform gathers and correlates data from endpoints, clouds, networks, and user data to provide answers to such questions. In addition to responding instantly, it will also suggest possible responses, allowing users to investigate anything suspicious further or, if necessary, reduce the threat.
“By allowing users to automate response and take action without the need for coding skills and process and analyze petabytes of data in near-real time, it promises to radically simplify security operations and empower defenders in unprecedented and unforeseen ways,” said Ric Smith, Chief Product and Technology Officer of SentinelOne.
Cybersecurity operations may undergo a paradigm shift as a result of generative AI, according to SentinelOne CEO Tomer Weingarten. He emphasized that since malicious actors increasingly use their AI tools to infiltrate networks faster, the company’s new tool effectively warns attackers.
Tomer Weingarten said, “With our unmatched experience and capabilities, organizations can quickly scale their cybersecurity operations to stay ahead of these evolving threats and create a strong structural foundation for cybersecurity defenses for years to come. AI is among the most disruptive technologies of our time, and with our new capabilities, we can unleash its power to help companies control all aspects of enterprise security — from visibility to response — with unmatched speed and efficiency.”