There are still areas that could be improved. People will talk more about the storage part and the analytics piece. Sometimes they provide architecture use cases that all have limitations. The only concern related to pricing is the ingestion-based pricing model, which is higher at scale. Regarding the solution stability, the only concern is the prompting requirement. We have to provide prompts in a proper manner, otherwise it will not work correctly. This is related to all AI solutions having similar issues. It is not unique to Purple AI.
We have not tested in that manner because when comparing with the competition product CrowdStrike, Purple AI and CrowdStrike are pretty good and more or less equal in the way of responding to a query. On the technical side, I can compare Purple AI with CrowdStrike's threat intelligence. CrowdStrike was initially a breach investigation company and was in the Indian market well before SentinelOne, acquiring more significant ground. We have used Charlotte AI, which is provided by CrowdStrike, the direct competitor of SentinelOne. These two have key differences. Charlotte AI focuses more on IOAs and IOCs, whereas Purple AI helps us query the logs and hunt threats. As an improvement, if SentinelOne could focus on IOA similar to what CrowdStrike is giving, that would be a good point. They could feed information on IOA, such as based on attackers, what different attack groups are performing the attacks, and provide those insights. Compared to its competition, for doing DFIR (Digital Forensics and Incident Response), not only IOCs are needed but also IOAs. Information about the indication of the attacker, who is attacking, and the attacker group history would be better if Purple AI could incorporate that. We can build some queries and automated responses for any suspicious or malicious conditions. It would be better if there were workflows in place for giving alerts. The way alerts are handled could be improved because when compared to other competing products, I am able to handle the technique of the threat and categorize it based on severity. If it has a major impact on the environment, I can contain the system. I have numerous options to create various kinds of alerts.
Purple AI marks a significant advancement in the cybersecurity landscape, offering comprehensive benefits to enhance the efficiency and effectiveness of cybersecurity teams. The platform leverages generative artificial intelligence to revolutionize the approach to threat hunting, investigations, and responses, providing a suite of tools that streamline these critical security functions.