Sentinel Unveils Revolutionary AI Platform for Cybersecurity

Industry-first offering will leverage generative artificial intelligence and reinforcement learning capabilities to detect, stop and autonomously remediate attacks across the enterprise at machine speed

Apr. 24, 2023-- Cybercriminals around the world are using generative artificial intelligence (AI) to execute malicious attacks that can take down companies and governments. SentinelOne (NYSE: S), a global leader in autonomous security and pioneer in deep learning models and neural networks, plans to use the same technologies to defeat them. The company today unveiled a revolutionary threat-hunting platform that integrates multiple layers of AI technology to deliver unparalleled security capabilities and real-time, autonomous response to attacks across the entire enterprise. The news was announced during RSA Conference 2023, the premier cybersecurity event being held at the Moscone Center in San Francisco.

“Today marks a paradigm shift in cybersecurity,” said Tomer Weingarten, CEO, SentinelOne. “AI is among the most disruptive technologies of our time, and with our new capabilities, we can unleash its power to help companies control all aspects of enterprise security - from visibility to response - with unmatched speed and efficiency.”

A first-of-its-kind offering, the SentinelOne threat-hunting platform seamlessly fuses real-time, embedded neural networks and a large language model (LLM)-based natural language interface, supercharging users with AI to monitor and operate all security data and boost their productivity and scale their operations. Through the platform, security teams can ask complex threat and adversary-hunting questions and run operational commands to manage their entire enterprise environment using natural language, and within seconds receive deep insights and full, transparent, correlated results to prompt actions across the cybersecurity ecosystem.

An Intelligent, Action-Oriented Approach

Built on the industry’s most performant security data lake, the SentinelOne threat-hunting platform aggregates and correlates information from device and log telemetry across endpoint, cloud, network and user data, and not only delivers insights, but recommends response actions that can be immediately executed - from mitigation and investigation to endpoint, cloud and user management.

“Our cybersecurity AI platform represents a major leap forward in cybersecurity,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “By allowing users to automate response and take action without the need for coding skills and process and analyze petabytes of data in near-real time, it promises to radically simplify security operations and empower defenders in unprecedented and unforeseen ways.”

The Future of Cybersecurity

The SentinelOne platform will also allow users to lay a solid foundation for the future and secure tomorrow, today.

“Bad actors are increasingly employing AI-based, automated tools to infiltrate all facets of networks with unprecedented speed,” Weingarten said. “With our unmatched experience and capabilities, organizations can quickly scale their cybersecurity operations to stay ahead of these evolving threats and create a strong structural foundation for cybersecurity defenses for years to come.”

A Force for Good

And they can do it in a responsible, ethical way. “At SentinelOne, our mission is to be a force for good, and our unwavering commitment to ensuring that our cutting-edge technologies are used safely, ethically and responsibly is evident in every aspect of our platform,” Weingarten said. “There is a huge shortage of cybersecurity talent, and in advancing the capabilities of skilled security practitioners, our new capabilities will allow organizations to quickly scale to secure the cloud and avoid the storm of automated and fast-flux attacks that adversaries using generative AI can create. In addition, we allow customers to retain complete control of their data, reinforcing our dedication to keeping sensitive information in the hands of its rightful owners.”

The new capabilities will be delivered as part of SentinelOne’s threat-hunting experience and are available in limited preview today. For more information, please visit www.sentinelone.com.

34 Likes

I wonder what the revolutionary part is of this AI announcement. Maybe moji or someone can explain. Sentinel has been using machine learning for many years like everybody else for malware behaviors and threat hunting. Is this a marketing campaign to get on the AI bandwagon or something really different and discriminatory to the business?

-zane

7 Likes

I’m not in the security field, but I believe this is the relevant quote in terms of what this new technology actually is:

A first-of-its-kind offering, the SentinelOne threat-hunting platform seamlessly fuses real-time, embedded neural networks and a large language model (LLM)-based natural language interface, supercharging users with AI to monitor and operate all security data and boost their productivity and scale their operations. Through the platform, security teams can ask complex threat and adversary-hunting questions and run operational commands to manage their entire enterprise environment using natural language, and within seconds receive deep insights and full, transparent, correlated results to prompt actions across the cybersecurity ecosystem.

So what they’re saying is that someone could type “pull up all the logs with potential threats over the past 24 hours” and the system will automatically pull those rather than having to do it manually.

One of the big potential shifts with these LLMs is their ability to write code and perform operational tasks, to the point that a lot of coding may eventually just become talking to / prompting an LLM-based operating system rather than using command line or other scripting languages.

GitHub Copilot X is another example of this for general coding purposes that builds upon their current GitHub Copilot offering (which is already really incredible and I’ve found significantly speeds up my coding): https://github.com/features/preview/copilot-x

In terms of whether it’s “revolutionary” or not, I don’t have enough details / expertise to really say. LLM prompting to write code and run systems is broadly revolutionary, but using APIs and systems built by OpenAI/Microsoft and others will commoditize the general idea to an extent (I doubt Sentinel is building their own LLM from scratch–maybe doing some transfer learning?). How well different companies can integrate and tailor it into their platforms will probably be the differentiator, but I expect a lot of similar offerings to arise in the foreseeable future.

24 Likes