
Exploring New Horizons with Purple AI: Integration of Third-Party Log Sources and Multilingual Question Handling


As cyber threats become increasingly advanced, security teams require cutting-edge tools driven by generative AI to identify and respond to threats with the speed and precision of machines. At SentinelOne, this vision is already taking shape through Purple AI, an innovative solution designed to empower security teams and maintain a proactive stance against evolving attacks. Purple AI stands as the industry’s most sophisticated AI security analyst.

It simplifies critical tasks such as threat hunting, drafting complex queries, conducting investigations, and navigating intricate data structures within SentinelOne’s platform and integrated partner log sources. By streamlining these workflows, Purple enables your team to focus their efforts on addressing challenges rather than getting bogged down by time-consuming processes.

 

Today, we’re excited to announce two important new features in Purple AI that deliver the next step in AI security innovation to accelerate efficiencies for security teams:

  • Expanded Third-Party Log Source Support – Enabling SOC teams to detect threats earlier with expanded data visibility and a unified data stream across the enterprise.
  • Early Access to Multilingual Question Support – Equipping global security teams and organizations to hunt, investigate, and respond faster in their preferred language.

Partner Log Sources | Unlock Deeper Data Visibility for Faster, Smarter Responses

Organizations utilize a variety of data sources to establish robust defenses. Yet, the influx of data often brings the challenge of understanding unfamiliar data schemas and navigating intricate query languages.

Purple AI addresses this issue for security teams by streamlining data management. As the industry's only GenAI security analyst built with normalized data ingestion through the Open Cybersecurity Schema Framework (OCSF), it enables instant querying across both native and third-party data sources. This approach ensures scalability for growing datasets and provides unified data views, accelerating the investigation process.

We’re helping security teams further harness the power of data and AI by expanding Purple’s supported third-party log sources to include:

  • Palo Alto Networks Firewall
  • Zscaler Internet Access
  • Proofpoint TAP
  • Microsoft Office 365
  • Fortinet FortiGate
  • Okta

With Purple AI, your SOC can leverage this expanded data to uncover threats faster, gain broader visibility, and focus on making critical decisions. Purple AI takes the complexity out of querying, ensuring that more data doesn’t slow you down but, instead, empowers faster and more efficient security processes.

Broaden Your Visibility

Starting today, security teams can leverage the full breadth of Purple AI’s threat hunting and investigation capabilities to query across an expansive list of native and third-party sources. Security analysts can ask questions like:

“Show how many users accessed cloud applications from Zscaler Internet Access logs from Dec 21-23 2024,” or “Show user accounts in Okta with the highest number of failed login attempts today.”

Alternatively, use a Quickstart question to begin a conversation with Purple AI. Receive a precise events table tailored to the new data sources along with relevant PowerQuery syntax. Users can also leverage contextual follow-ups to uncover deeper insights across expanded datasets without missing a beat.

By integrating data from these widely used platforms, Purple AI expands its role as a trusted partner for SOC teams, helping you stay ahead of evolving threats while reinforcing the tools and processes you rely on every day. This is more than just accessing data. This is about making your data work smarter and helping your team stay ahead in the game.

Multilingual Questions | Empowering Global SOCs with the Power of Purple

Cybersecurity shouldn’t be limited by borders or languages. While Purple AI has already empowered countless global security teams, we recognize the importance of equipping security teams with access to the best AI security tools in their preferred language.

That’s why we’re thrilled to introduce early access to multilingual question support, available at no additional cost to all Purple AI customers. Purple AI is now more accessible than ever before, expanding its reach to organizations worldwide.

Key Benefits of Multilingual Support

  • Breaking Language Barriers – Ask Purple AI your questions in any supported language and it will translate them into the necessary PowerQuery syntax to deliver accurate results.
  • Fostering Worldwide Collaboration – Multilingual support simplifies communication by enabling on-the-fly translations. Investigation steps are saved in the Notebook with translated summaries, making it easier to share findings with international teams or stakeholders.
  • Global Mission, Local Access – By making Purple AI available in more languages, we’re taking steps toward ensuring that every organization, regardless of geography or language, has access to world-class security tools.

Global Threat Hunting Simplified

Multilingual support in Purple AI empowers security teams to respond to threats with speed, access, and precision, regardless of language preference. We’re helping SOC teams break down borders, fostering stronger collaboration, and ensuring that every organization, no matter where they are, has access to the tools they need to stay secure.

Using this feature is as simple as adding a query in your preferred language. For example:

  • Ask in Spanish: “¿Muestra cuántos usuarios accedieron a aplicaciones en la nube desde los registros de acceso a Internet de Zscaler del 21 al 23 de diciembre de 2024?”
  • Ask in Japanese: “2024年12月21日から23日までのZscalerインターネットアクセスログからクラウドアプリケーションにアクセスしたユーザー数を表示します。”

Supported languages include Spanish, French, German, Italian, Dutch, Arabic, Japanese, Korean, Thai, Malay, Indonesian, and more. Just ask a question in the language of your choice, and we’ll take care of the rest by translating your query, interpreting the data, and delivering precise insights. The resulting summaries and follow-ups are currently presented in English by default; to get translated results, simply ask Purple AI with a request like “Tell me in Japanese”, or the equivalent for your preferred language.

 

Bringing It All Together

Whether by broadening visibility with expanded log source support or making security accessible to a global audience with multilingual features, our mission is clear: To safeguard your data by empowering every analyst to detect earlier, respond faster, and stay ahead of attacks.

With these updates, we’re building a future where collaboration and inclusivity drive innovation in cybersecurity. Together, we can outpace threats and create a safer, more connected world. Stay vigilant, stay connected, and stay secure.

 

As Technovera Co., we officially partner with well-known vendors in the IT industry to provide solutions tailored to our customers’ needs. Technovera handles the purchase and guarantee for all of these vendors, as well as the installation and configuration of the specified hardware and software.

We believe in providing technical IT solutions based on experience.
