SentinelOne turns Purple AI loose to investigate threats on its own

SentinelOne Inc. today opened its Purple AI Agentic Investigations capability to all customers, adding autonomous threat investigation that runs without an analyst having to launch it.

The feature is available this week as a free trial inside the company’s Singularity Platform. It can work through a threat on its own, from spotting it to deciding what it is to acting on the verdict.

When something crosses a threshold the customer sets, Purple AI digs in, reaches a conclusion and moves to shut the threat down. Analysts can watch it happen and step in at any point. SentinelOne calls the feature “zero-click” because the investigation kicks off by itself rather than waiting for someone to open it.

The pitch targets a specific bottleneck. Detections rise with every new tool and every expansion of the attack surface, but verdicts still wait on analyst availability, and coverage thins on nights, weekends and during surges. SentinelOne argues that investigation capacity has become the real limit in most security operations centers, ahead of detection, and that AI-driven attacks will stretch that gap further.