SentinelOne Expands AI Security with Open-Source MCP Server and Prompt Security Suite

SentinelOne’s annual event, OneCon, has spotlighted the dual focus of protecting AI workloads and leveraging AI technology for organizational security. This year, the cybersecurity company is enhancing its Singularity Platform and integrating capabilities from recently acquired firms, particularly Prompt Security and Observo AI.

With the acquisition of Observo AI, SentinelOne is enhancing its Singularity Platform, resulting in a unique security information and event management (SIEM) offering that combines pre-ingestion analytics with flexible data collection. The streaming architecture of Observo AI was a major factor in its acquisition, as it allows security tasks to be largely automated in real-time, ultimately creating what SentinelOne describes as an “AI-ready data pipeline.”

Additionally, SentinelOne is rolling out four new products under the Prompt Security brand, primarily aimed at safeguarding generative AI use within organizations. A key product, Prompt Security for Employees, provides real-time oversight and control over the usage of AI tools by employees, supporting over 15,000 AI platforms. This initiative addresses the shadow AI issue, where employees may utilize unapproved AI tools, while also offering protections against data breaches, DDoS attacks, and potential coding vulnerabilities in AI applications.

The developments signify that AI protection is becoming a normalized aspect of cybersecurity. The integration of Prompt Security into SentinelOne’s existing systems presents a natural expansion of security measures familiar to practitioners within the industry.

Furthermore, notable updates to the AI analyst, Purple AI, now make it an agentic solution with enhanced capabilities. Its new feature of in-line agentic auto-investigations incorporates dynamic reasoning, which conducts comprehensive investigations and offers impact analyses along with recommended responses. While these automated processes streamline many tasks, human security personnel continue to play a vital role in decision-making.

Purple AI now also collaborates with Singularity Hyperautomation to run pre-approved workflows, enabling notifications via applications like Slack so that security teams can be informed during investigations and receive suggestions for action. The tool further enhances its functionality by generating custom detection rules based on investigation outcomes, supporting security teams in their efforts while ensuring they remain in control.

In a move towards fostering collaboration, SentinelOne is introducing the Model Context Protocol (MCP) Server, which opens Purple AI to external applications. This universal interface allows developers to construct custom agentic AI experiences utilizing data from the SentinelOne platform, further empowering security solutions. The MCP Server is now available as an open-source option on GitHub, promoting innovation and accessibility within the security landscape.

Overall, SentinelOne’s advancements highlight a proactive approach to incorporating AI in safeguarding both workloads and organizational structures, showcasing the future of cybersecurity as an increasingly intelligent and integrated domain.
