Best-in-class, AI-native data pipeline platform will leverage SentinelOne's AI potential to optimize data ingestion, enrich telemetry data, and automatically adapt to evolving threats
SentinelOne (NYSE: S), a global leader in AI-powered cybersecurity, announced its intent to acquire Observo AI, the industry-leading data streaming platform for managing AI-native telemetry data pipelines. The deal will act as an immediate complement and catalyst for SentinelOne's AI SIEM and data offerings, which are already among the company's fastest-growing solutions, helping to accelerate sales in the second quarter of the fiscal year 2026. It will also help SentinelOne usher in a new era of open, intelligent, and autonomous security by reinventing how SOC teams collect, update, and act on data across the entire security ecosystem.
The announcement comes as security teams grapple with the costs, complexity and delays caused by the growing volume of security data, forcing ongoing compromises that reduce visibility and protection, slowing responses. These challenges are exacerbated by data platforms built before the advent of AI-powered SOCs, modern security stacks, and today's increasingly rapid and sophisticated attacks.
Observo offers an AI-powered, real-time telemetry data pipeline that ingests, enriches, summarizes, and routes data across the enterprise, before it even reaches a SIEM or data lake. This allows customers to dramatically reduce costs, improve detection and act faster.
“Security is, at its core, a data problem, and legacy rules-based data pipeline platforms were not designed for growing attack surfaces or new data-intensive security operations,” said Tomer Weingarten, CEO and Co-Founder of SentinelOne. "Observo AI is far ahead of its competitors and will deliver unique benefits to customers with an AI-native data architecture that is open by design, smart by default, and built to deliver the scalability and speed needed for autonomous security operations. As a result, we are able to deliver substantial new value to customers and partners, as well as greater choice, by enabling fast, seamless data delivery to our AI SIEM or any other application."
A new course in data security: open, AI-powered, autonomous
Today, businesses are generating unprecedented volumes of security and observability data across endpoints, cloud workloads, identity systems, GenAI applications and more. However, for too long telemetry data has been trapped in rigid pipelines, burdened by high storage costs, isolated by proprietary formats and limited by legacy acquisition models created in a different era.
Traditional SIEM systems were developed in an era characterized by rigid acquisition processes, high storage costs and manual operations. With Observo AI, SentinelOne will offer AI SIEM,
For customers, this means SOC teams will be able to resolve threats faster, dramatically reduce data costs, and streamline operations across their entire environment. These capabilities will be delivered at the edge, streaming and at scale and will include:
- The freedom to integrate any element, anywhere: Observo AI supports open formats such as OCSF, JSON, OTLP, and Parquet, allowing companies to easily ingest, route, enrich, and forward telemetry data to any destination, including SIEMs, data lakes, security tools, and cloud platforms. No constraints. No compromise. Only data where you need it, when you need it.
- AI-powered enrichment and filtering at the source: Before being stored or analyzed, the data is already available. Observo AI performs real-time classification, filtering, correlation and synthesis using AI models, ensuring that only the most relevant, up-to-date and context-rich telemetry streams flow downstream. This means faster detection, more precise response and significantly lower costs.
- Efficiency without sacrifices: Thanks to the targeted reduction of up to 80% of the data volume and the possibility to replenish logs with maximum precision on demand, Observo AI redefines the concept of cost efficiency. Businesses get the best of both worlds: streamlined, real-time operational pipelines and deep historical context available when needed.
- Security, data governance and observability at industrial scale: Designed for businesses with thousands of data sources, Observo AI includes centralized asset management, zero-touch updates, personal information filtering, and automatic discovery of new data types, ensuring data integrity, compliance, and security across every system scope.
- Designed for human and artificial intelligence: With natural language queries, threat enrichment, and context-aware anomaly detection, Observo AI enables both human analysts and AI Agents to act faster and more intelligently, powering an ecosystem where people and machines work together, without conflict.
Powered by SentinelOne's AI-native and Data Foundation
The acquisition builds on years of investment in hyperscale data infrastructure already underlying SentinelOne's Singularity platform. Observo AI will enhance that foundation with an intelligent, policy-based data pipeline optimized for real-time enrichment, filtering and forwarding, before data reaches the storage or analytics levels.
The result is an end-to-end architecture that ingests data from any source, makes it smarter in transit, and stores it with the highest fidelity, providing faster insights, lower costs, and greater control over the entire lifecycle of your security data. This foundation also paves the way for the next frontier in security: AI Agentic workflows, where autonomous agents leverage enriched, real-time data to detect, decide, and respond with human-level reasoning at machine speed.
“Observo AI was born in the age of AI and cloud to help security and DevOps teams manage previously unimaginable data problems, as a means to defend a growing attack surface,” said Gurjeet Arora, Co-Founder and CEO of Observo AI. "Combining Observo's AI-native data pipeline with the world's best AI-native cybersecurity platform is a big win for customers and an opportunity for our team to work with an incredible network of partners, resellers and fellow innovators. As part of SentinelOne, we have the opportunity to define the future of autonomous security and solve the data problems that make it possible."
“The acquisition is the next phase in SentinelOne's vision to build the industry's most autonomous and open AI-powered security platform,” concluded Weingarten.
Transaction details
SentinelOne will acquire Observo AI with a combination of cash and stock. The transaction is expected to close in the third quarter of SentinelOne's fiscal 2026, subject to regulatory approvals and customary closing conditions.
Forward-Looking Statements
This release is about the pending acquisition of Observo AI (“Observo”) by SentinelOne, Inc. This release contains forward-looking statements that involve risks and uncertainties, including statements regarding the expected benefits of the acquisition and the timing and closing of the acquisition. The forward-looking statements contained in the release are subject to known and unknown risks, uncertainties, assumptions and other factors that could cause actual results to differ materially from future results expressed or implied by the forward-looking statements. Such risks, uncertainties, assumptions and other factors include, but are not limited to: the effect of the acquisition announcement on Observo's ability to retain key personnel or maintain relationships with customers, suppliers and other business partners; the risks that the acquisition disrupts current plans and operations; the ability of the parties to complete the acquisition in a timely manner or to complete it tout court; the satisfaction of the conditions preliminary to the completion of the acquisition; SentinelOne's capabilities to successfully integrate Observo's operations; the capabilities of SentinelOne and those of Observo to implement their respective commercial strategies relating to the acquisition and to realize the expected benefits and synergies; SentinelOne's ability to compete effectively, including in response to actions that competitors may take following the announcement of the acquisition; and the effects of general macroeconomic conditions.
Forward-looking statements reflect management's current expectations and information available as of the date hereof and are inherently uncertain. Actual results may differ materially for a variety of reasons. Please refer to the documents we file from time to time with the SEC, particularly SentinelOne's Annual Report on Form 10-K and its Quarterly Reports on Form 10-Q, as such documents contain and identify important risk factors and other information that could cause actual results to differ materially from those contained in the forward-looking statements. Except as required by law, SentinelOne and Observo undertake no obligation to update forward-looking statements to reflect new information or future events.
All brands mentioned are trademarks or registered trademarks of their respective companies.
