The intersection of cybersecurity and artificial intelligence is expanding and becoming more dynamic. SentinelOne is toeing this intersection with Purple AI, a platform that aims to leverage behavioral AI to transform how security analysts interact with threats and vulnerabilities.

SentinelOne’s Chris Boehm discusses behavioral AI with theCUBE.

“It’s a generative AI capability based on our data set,” said Chris Boehm (pictured), global field chief information security officer of SentinelOne Inc. “It started as an LLM technology based on endpoint security telemetry. It could do emails, do summarization or build code — it’s quite amazing. We use our expertise and knowledge and TI feeds that we use to leverage with partners to enrich that experience to make it an amazing coordination for security teams, partners and analysts.”

Boehm spoke with theCUBE Research’s  John Furrier and Savannah Peterson at mWISE 2024, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed behavioral AI as a key differentiator for SentinelOne, allowing the identification of emerging threats before they become full-blown crises. (* Disclosure below.)

Behavioral AI: Dissecting the strategic collaboration with Mandiant

Purple AI empowers security professionals by making data insights accessible through natural language queries. Analysts can simply ask for the emerging threats in their environment, and the platform provides coordinated, comprehensive insights. These features make the tool great for analyzing complex data sets, creating an efficient workflow that coordinates multiple layers of security with ease, according to Boehm.

“It coordinates it all right there, really smooth and easy for you,” he said. “That’s live today; it’s not vaporware. Even at Black Hat, we did a live demonstration for anyone in the audience to come up and put their hands on a keyboard and go against analysts with Purple AI versus a security analyst.”

Another key development is SentinelOne’s collaboration with Mandiant Inc. SentinelOne integrates Mandiant’s threat data directly into its platform, making it available to customers. This collaboration enhances the ability to detect and respond to threats by combining SentinelOne’s behavioral AI with Mandiant’s intelligence, Boehm explained.

“Every partner is a charm for us, but Mandiant is something special,” he said. “They’re the only OEM threat intelligence we offer that is built into our platform, for example. I always say that’s a cornerstone of saying that we trust Mandiant so much that we want them to be something available to all of our customers.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of mWISE 2024: 

(* Disclosure: SentinelOne Inc. sponsored this segment of theCUBE. Neither SentinelOne nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE