SentinelOne today opened Purple AI Agentic Investigations to its customers and introduced Singularity Credits, a unified currency for running AI-powered work across the Singularity Platform. Starting this week, customers can opt into a complimentary trial of the newest capability from Purple AI, SentinelOne’s autonomous security reasoning for the agentic SOC. That capability — ‘zero-click,’ autonomously initiated investigations — detects, investigates, verifies, and responds to threats without human dependencies. When a threat crosses a defined threshold, Purple AI investigates, renders a verdict, and stops it at machine speed, while analysts keep full visibility and control.
The capability arrives as security teams confront a hard limit, not detection, but investigation capacity. Detections climb with every new tool and every expansion of the attack surface, alerts queue for attention, and verdicts wait on analyst availability, with coverage thinning on nights, weekends, and during surges. Frontier-AI-powered threats are poised to widen that gap further.
Why SOC Teams Are Adopting Purple AI Agentic Investigations
- Seamlessly integrated — zero configuration, working from day one.
Purple AI is built into the Singularity Platform, not bolted onto it. Agentic Investigations run on telemetry already in the platform — across endpoint, identity, cloud, and third-party security data — inside the automated workflows customers already use. There is nothing to deploy, integrate, or tune, and no data leaves the platform. Activation is a single click.
- A force multiplier for every analyst.
Purple AI does the investigation work — collecting evidence, correlating telemetry, and building the attack timeline — so analysts start at the verdict instead of the alert. It scales a team’s investigation capacity without scaling headcount, and frees analysts for the judgment, threat hunting, and response decisions that need a human. It is designed as an extension of the analyst: amplifying human defenders, not replacing them.
- Fully audited — governed autonomy, no black box
Every verdict carries a complete, auditable evidence chain, so analysts can review each AI step and outcome with confidence. Customers set the degree of autonomy through an adjustable human-in-the-loop approach that scales to their confidence and SOC maturity — verdicts can trigger automated, policy-driven responses, or prompt an analyst with recommended actions. Activation is admin-controlled, role-based, and reversible at any time, and consumption guardrails keep usage and downstream cost in the hands of those with the right authority.
- Built on the most advanced reasoning in security
Purple AI is the reasoning brain and interface for the entire Singularity Platform. It brings human-level reasoning from advanced frontier-AI models to bear through a multi-model approach — combining Anthropic’s Claude, OpenAI’s GPT, and SentinelOne’s proprietary “Ultraviolet” models — to compress investigations that once took hours or days into minutes and seconds. For critical threats, investigations trigger automatically and deliver verdicts that can be acted on autonomously or by an analyst.
The introduction of Singularity Credits
Singularity Credits are a flexible, unified currency customers draw down across AI-powered work in the Singularity Platform, including Purple AI Agentic Investigations. To start, SentinelOne is granting customers a complimentary allotment of Credits to trial the capability.
Delivering on the agentic SOC by amplifying defenders, not replacing them
Agentic Investigations advances SentinelOne’s vision of the agentic SOC: one where frontier-AI reasoning amplifies and scales human defenders rather than sidelining them. Purple AI acts as the brain and interface for the entire platform from simplifying querying, to recommending actions, to autonomously detecting, triaging, and stopping threats. Because it operates natively on AI, endpoint, identity, cloud, and third-party telemetry already in the Singularity Platform, it drives Singularity to be an agentic realization of the integrated security operations center (ISOC) category defined by Gartner.
Availability & access
The Purple AI Agentic Investigations trial is now available in Singularity consoles. New and existing Singularity customers can opt in and begin running agentic investigations immediately. Investigations consume Singularity Credits during the trial, but customers are not charged and no payment method is required. The complimentary trial is currently planned to run through August 15, 2026. After the trial, customers can purchase Singularity Credits through partners, direct billing, and eCommerce.
Related
This entry was posted on June 17, 2026 at 9:19 am and is filed under Commentary with tags SentinelOne. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
SentinelOne Opens Purple AI Agentic Investigations to All Customers, Bringing Frontier AI Directly Into the SOC
SentinelOne today opened Purple AI Agentic Investigations to its customers and introduced Singularity Credits, a unified currency for running AI-powered work across the Singularity Platform. Starting this week, customers can opt into a complimentary trial of the newest capability from Purple AI, SentinelOne’s autonomous security reasoning for the agentic SOC. That capability — ‘zero-click,’ autonomously initiated investigations — detects, investigates, verifies, and responds to threats without human dependencies. When a threat crosses a defined threshold, Purple AI investigates, renders a verdict, and stops it at machine speed, while analysts keep full visibility and control.
The capability arrives as security teams confront a hard limit, not detection, but investigation capacity. Detections climb with every new tool and every expansion of the attack surface, alerts queue for attention, and verdicts wait on analyst availability, with coverage thinning on nights, weekends, and during surges. Frontier-AI-powered threats are poised to widen that gap further.
Why SOC Teams Are Adopting Purple AI Agentic Investigations
Purple AI is built into the Singularity Platform, not bolted onto it. Agentic Investigations run on telemetry already in the platform — across endpoint, identity, cloud, and third-party security data — inside the automated workflows customers already use. There is nothing to deploy, integrate, or tune, and no data leaves the platform. Activation is a single click.
Purple AI does the investigation work — collecting evidence, correlating telemetry, and building the attack timeline — so analysts start at the verdict instead of the alert. It scales a team’s investigation capacity without scaling headcount, and frees analysts for the judgment, threat hunting, and response decisions that need a human. It is designed as an extension of the analyst: amplifying human defenders, not replacing them.
Every verdict carries a complete, auditable evidence chain, so analysts can review each AI step and outcome with confidence. Customers set the degree of autonomy through an adjustable human-in-the-loop approach that scales to their confidence and SOC maturity — verdicts can trigger automated, policy-driven responses, or prompt an analyst with recommended actions. Activation is admin-controlled, role-based, and reversible at any time, and consumption guardrails keep usage and downstream cost in the hands of those with the right authority.
Purple AI is the reasoning brain and interface for the entire Singularity Platform. It brings human-level reasoning from advanced frontier-AI models to bear through a multi-model approach — combining Anthropic’s Claude, OpenAI’s GPT, and SentinelOne’s proprietary “Ultraviolet” models — to compress investigations that once took hours or days into minutes and seconds. For critical threats, investigations trigger automatically and deliver verdicts that can be acted on autonomously or by an analyst.
The introduction of Singularity Credits
Singularity Credits are a flexible, unified currency customers draw down across AI-powered work in the Singularity Platform, including Purple AI Agentic Investigations. To start, SentinelOne is granting customers a complimentary allotment of Credits to trial the capability.
Delivering on the agentic SOC by amplifying defenders, not replacing them
Agentic Investigations advances SentinelOne’s vision of the agentic SOC: one where frontier-AI reasoning amplifies and scales human defenders rather than sidelining them. Purple AI acts as the brain and interface for the entire platform from simplifying querying, to recommending actions, to autonomously detecting, triaging, and stopping threats. Because it operates natively on AI, endpoint, identity, cloud, and third-party telemetry already in the Singularity Platform, it drives Singularity to be an agentic realization of the integrated security operations center (ISOC) category defined by Gartner.
Availability & access
The Purple AI Agentic Investigations trial is now available in Singularity consoles. New and existing Singularity customers can opt in and begin running agentic investigations immediately. Investigations consume Singularity Credits during the trial, but customers are not charged and no payment method is required. The complimentary trial is currently planned to run through August 15, 2026. After the trial, customers can purchase Singularity Credits through partners, direct billing, and eCommerce.
Share this:
Like this:
Related
This entry was posted on June 17, 2026 at 9:19 am and is filed under Commentary with tags SentinelOne. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.