New Possibilities with Purple AI | Third-Party Log Sources & Multilingual Question Support

As cyber threats grow more sophisticated, security teams need the right tools powered by generative AI (GenAI) to detect and protect at machine speed. At SentinelOne, we're already making this future a reality with Purple AI, equipping security teams with the AI-powered tools to help stay ahead of attacks.

Purple AI is the industry's most advanced AI security analyst: It streamlines threat hunting, query writing, investigations, and navigates complex data schemas within SentinelOne and across partner log sources. By optimizing workflows, Purple enables your team to focus on solving problems rather than managing processes.

Today, we're excited to announce two important new features in Purple AI that deliver the next step in AI security innovation to accelerate efficiencies for security teams:

• Expanded Third-Party Log Source Support- Enabling SOC teams to detect threats earlier with expanded data visibility and a unified data stream across the enterprise.
• Early Access to Multilingual Question Support- Equipping global security teams and organizations to hunt, investigate, and respond faster in their preferred language.

Partner Log Sources | Unlock Deeper Data Visibility for Faster, Smarter Responses

Organizations rely on diverse data sources to build a comprehensive defense. However, having access to more data often comes with the challenge of learning new data schemas and mastering complex query languages.

Purple AI simplifies the data problem for security teams. It's the only GenAI security analyst in the industry built on normalized data on ingest via the Open Cybersecurity Schema Framework (OCSF) to deliver instant querying of native and third-party data, scalability across expanding data sources, and normalized data views for faster investigations.

We're helping security teams further harness the power of data and AI by expanding Purple's supported third-party log sources to include:

• Palo Alto Networks Firewall
• ZScaler Internet Access
• Proofpoint TAP
• Microsoft Office 365
• Fortinet FortiGate
• Okta

With Purple AI, your SOC can leverage this expanded data to uncover threats faster, gain broader visibility, and focus on making critical decisions. Purple AI takes the complexity out of querying, ensuring that more data doesn't slow you down but, instead, empowers faster and more efficient security processes.

Broaden Your Visibility

Starting today, security teams can leverage the full breadth of Purple AI's threat hunting and investigation capabilities to query across an expansive list of native and third party sources. Security analysts can ask questions like:

Alternatively, use a Quickstart question to begin a conversation with Purple AI. Receive a precise events table tailored to the new data sources along with relevant PowerQuery syntax. Users can also leverage contextual follow-ups to uncover deeper insights across expanded datasets without missing a beat.

By integrating data from these widely used platforms, Purple AI expands its role as a trusted partner for SOC teams, helping you stay ahead of evolving threats while reinforcing the tools and processes you rely on every day. This is more than just accessing data. This is about making your data work smarter and helping your team stay ahead in the game.

Multilingual Questions | Empowering Global SOCs with the Power of Purple

Cybersecurity shouldn't be limited by borders or languages. While Purple AI has already empowered countless global security teams, we recognize the importance of equipping security teams with access to the best AI security tools in their preferred language.

That's why we're thrilled to introduce early access to multilingual question support, available at no additional cost to all Purple AI customers. Purple AI is now more accessible than ever before, expanding its reach to organizations worldwide.

Key Benefits of Multilingual Support

• Breaking Language Barriers- Ask Purple AI your questions in any supported language and it will translate them into the necessary PowerQuery syntax to deliver accurate results.
• Fostering Worldwide Collaboration- Multilingual support simplifies communication by enabling on-the-fly translations. Investigation steps are saved in the Notebook with translated summaries, making it easier to share findings with international teams or stakeholders.
• Global Mission, Local Access- By making Purple AI available in more languages, we're taking steps toward ensuring that every organization, regardless of geography or language, has access to world-class security tools.

Global Threat Hunting Simplified

Multilingual support in Purple AI empowers security teams to respond to threats with speed, access, and precision, regardless of language preference. We're helping SOC teams break down borders, fostering stronger collaboration, and ensuring that every organization, no matter where they are, has access to the tools they need to stay secure.

Using this feature is as simple as adding a query in your preferred language. For example:

• Ask in Spanish: "¿Muestra cuántos usuarios accedieron a aplicaciones en la nube desde los registros de acceso a Internet de Zscaler del 21 al 23 de diciembre de 2024""
• Ask in Japanese: "2024年12月21日から23日までのZscalerインターネットアクセスログからクラウドアプリケーションにアクセスしたユーザー数を表示します。"

Supported languages include Spanish, French, German, Italian, Dutch, Arabic, Japanese, Korean, Thai, Malay, Indonesian, and more. Just ask a question in the language of your choice, and we'll take care of the rest by translating your query, interpreting the data, and delivering precise insights. While the resulting summaries and follow-ups are currently presented in English by default, simply ask Purple AI to provide translated results by adding queries like "Tell me in Japanese" or, in your preferred language.

Bringing It All Together

Whether by broadening visibility with expanded log source support or making security accessible to a global audience with multilingual features, our mission is clear: To safeguard your data by empowering every analyst to detect earlier, respond faster, and stay ahead of attacks.

With these updates, we're building a future where collaboration and inclusivity drive innovation in cybersecurity. Together, we can outpace threats and create a safer, more connected world. Stay vigilant, stay connected, and stay secure.

Ready to explore the new features?

Existing Singularity Complete and Purple AI customers can start exploring these capabilities today. Open Purple AI, type your first query, and see the results in action. If you have questions or need assistance, reach out to our support team.

New to Purple AI? Learn how Purple AI can transform your SOC's threat-hunting capabilities. Contact us or request a demo to get started.

Public link

Please use the above public link if you want to share this noodl on another website.