I notice a difference in speed using Purple AI compared to legacy SIEMs such as Sumo Logic; it is fast, taking only a few seconds to respond. Sumo Logic has an AI assistant called Sumo Copilot, but it takes much longer, often responding after a minute. In comparison, Purple AI is quicker and does not take much time to give a response. The response time reduction is approximately fifty percent. Purple AI does provide a threat intel feature. If any alert triggers, specifically if a file or IP related to that alert is identified, it automatically reaches threat intel and gives us a result based on that. Data privacy and security in Purple AI meet my needs and requirements; it is good in that regard. Regarding the threat hunting quick start library, it is very useful as it provides us with suggestions based on ongoing attacks, including the striker cyber attacks happening from Iran to other companies. Based on these current attacks, it suggests whether we want to look for IOCs related to the striker attack, and it has predefined templates for that. It is very useful to have these templates.
Purple AI could do something to improve response time. I am using a cloud-only deployment. I recently started using Amazon Web Services on the marketplace. I did not purchase through the marketplace. Since Purple AI is hosted in the cloud, stability is not a concern. I have not yet used that particular feature much and will need to explore it further. As a regulated entity, we must follow regulatory requirements. We need to adapt to compliance standards. Our regulatory framework is DPDPA, similar to how other companies follow GDPR in the UK. Security frameworks are implemented across all international standards that we are required to follow. I would rate Purple AI an eight overall for its performance and capabilities.
Data security is important because in today's organizations, they have endpoints, networks, and applications everywhere. With the internet, IoT, and many other AI tools and platforms, many people use AI tools for various products, presentations, and data analytics. Everything is available on the internet today. When it comes to SentinelOne, it provides an XDR solution where Purple AI plays a major role. If an organization has properly integrated all its solutions with XDR and SentinelOne SIEM, then at each level, SentinelOne will have correlated logs where data is flowing if all configurations in other solutions are in place. With respect to data security, SentinelOne does not have a dedicated data security solution. SentinelOne is primarily focused on Next-Gen SIEM, cloud security, identity security, endpoint security, and XDR. These are the key solutions they focus on. With XDR in place, we can integrate other data security solutions such as Netskope, which has DLP at the network layer, or Fortinet, which has DLP at both endpoint and network layers. With those integrations, we can view logs regarding data flows, and that is the only thing we can do from SentinelOne's side. To my knowledge, SentinelOne does not currently have a dedicated DLP or data security solution. My overall rating for this product is 8.5 out of 10.
Purple AI offers real-time threat detection and security enhancement through AI-assisted summaries and natural language processing. Integrated with various tools, it provides quick incident summaries and improves response times across multiple organizations. Purple AI empowers users to manage threats proactively with features like the Threat Hunting Quick Start library, enhancing threat intelligence and simplifying security investigations without needing query language knowledge. It integrates...