Today, autonomous cybersecurity provider SentinelOne announced the launch of a new threat hunting platform that combines neural networks with a natural language interface based on LLMs, including GPT-4.
The SentinelOne threat hunting platform collects, collates and correlates data from endpoint, cloud service and network logs and acts as an automated assistant that security analysts can use to ask threat hunting questions and trigger automated response actions.
“Not only do we allow you to ask questions, we also let you, through a completely natural language interface, [to] evoke actions and automate and orchestrate responses in a complete, intuitive way,” said Tomer Weingarten, CEO of SentinelOne, in an interview with VentureBeat.
For example, a user can ask the system in natural language to find possible successful PowerShell phishing attempts, or to find all potential Log4j exploit attempts; receive a written summary of this information; and activate an automated response if necessary.
“We believe that with this system you unlock so much productivity that every security analyst is now 10 times the security analyst,” Weingarten said.
SentinelOne’s Place in the Generative AI Security Race
SentinelOne’s announcement, made at the 2023 RSA Conference in San Francisco, came just weeks after Microsoft released a GPT-4-powered AI security assistant called Security Copilot, and less than two weeks after threat intelligence provider Recorded Future announced the launch of its own GPT-driven security solution that can create written threat reports on demand.
While the generative AI security race is just getting started, with the broader market estimated to grow from $11.3 billion in 2023 to $51.8 billion in 2028, Weingarten says the SentinelOne solution’s ability to automate remediation actions sets it apart from competitors such as Security Copilot, which primarily aggregates breach activity.
“Say you know that someone sent a malicious phishing email, it landed in the user’s inbox and was detected as something malicious. Automatically, by understanding the anomaly in the execution of that audit process at the endpoint, the system can fix everything immediately from there,” said Weingarten.
In this case, the platform could delete files from compromised endpoints and immediately block the sender in real time, with minimal intervention from a human analyst.