New AI Securing Solutions, AI-Ready Data Pipelines, and Expanded Purple AI Agentic Capabilities Featured in the Innovation Showcase
SentinelOne (NYSE: S), a global leader in AI-powered cybersecurity, unveiled its vision, roadmap and new portfolio for securing an AI-powered world at OneCon 2025. Starting from the protection of AI tools, applications and agents to the transformation and automation of security operations, the security strategy based on SentinelOne AI will help customers accelerate and reduce risks arising from AI.
The news and innovations presented at OneCon 2025 are all focused on how enterprises can protect AI systems and have autonomous security. These include the introduction and availability of a new AI security portfolio, new AI-ready data pipelines and orchestration through the integration of Observo AI and Singularity AI SIEM, the extension of Purple AI, SentinelOne's best-in-class analyst for agentic security, and the release of new managed threat detection and response services based on on the AI Wayfinder.
"SentinelOne has long believed that companies must confidently exploit the revolutionary potential of AI. This means enabling them to master both security disciplines: security for AI and AI for security,” said Tomer Weingarten, CEO of SentinelOne. “At OneCon 2025 we not only outlined a future vision for AI security, but communicated the platform, tools, strategies and services needed to develop, protect and exploit AI today, in a simple, fast and safe way”.
New portfolio for AI security
AI models, recommendations, agents, and data pipelines have become the new attack surface. At the same time, security teams are overwhelmed by the data, complexity and velocity of AI-related risks.
At OneCon 2025, SentinelOne put security professionals in charge of the AI boom, introducing a new security suite focused on protecting known and hidden uses of GenAI, encryption, data exfiltration, agents and more. Three new solutions available on the market and one in beta version have been included, to make the promise of AI security a reality today.
- Prompt Security for collaborators: Offers real-time visibility and control over collaborators' use of GenAI. Supporting over 15,000 AI sites, it detects and eliminates Shadow AI risks and prevents the exposure of sensitive data.
- Prompt Security for AI code developers- Secures the use of GenAI coding tools by instantly removing secret codes, personal information, and intellectual property from the code to prevent data leaks. The real-time vulnerable code reader blocks unsafe or malicious AI-generated output before going into production, helping developers code faster and more securely while maintaining control and compliance of the organization.
- Prompt Security for AI applications: Protects custom AI solutions, from chatbots to complex automation, from emerging threats like denial-of-wallet and remote code execution.
- Prompt Security per l’AI Agentic (Beta) – Provides real-time visibility, risk assessment and governance for autonomous AI agents based on the Model Context Protocol (MCP), the first comprehensive solution to secure, monitor and control agentic AI operations at machine speed.
New AI-ready data pipeline
Following the recent acquisition of Observo AI, SentinelOne introduces the first integration into its Singularity platform, offering customers a new AI-native data platform that powers security agent operations and redefines how they collect, enrich and act on data across the entire security ecosystem.
- The integration of Observo AI with Singularity™ AI SIEM – combines intelligent control of native AI streaming data with AI-powered analytics and orchestration, optimizing data pipelines for advanced detection and autonomous response across all security data. Observo AI's revolutionary streaming architecture efficiently ingests and normalizes petabytes of data from any source, then prioritizes and routes the most important data to the Singularity AI SIEM. This combination creates the only SIEM on the market that can provide both pre-ingestion analytics and flexible pull/stream data collection.
New and expanded features of Purple AI
SentinelOne unveiled major new features of Purple AI, the category-defining AI-powered security analyst. The features are designed to help security teams stay ahead of attacks with autonomous security.
These capabilities include the latest advances in Purple AI triage, investigations and workflows, combining human reasoning with orchestration and automated response. Based on Purple's roadmap, the capabilities are focused on reducing detection, investigation and response times from hours to minutes for analysts, allowing analysts to focus on high-risk critical incidents that require domain experts:
- Automatic investigations in line with dynamic reasoning (preview) – One-click, end-to-end automated investigations that include discovery, alert triage, hypothesis validation, impact analysis, recommended response, and proactive custom rule creation. Purple AI shifts the paradigm from AI-assisted people work to analyst-approved AI work, with every step and conclusion clearly documented in a single survey report for operator approval. Purple's AI agents enable you to reason about problems, dynamically navigate with high precision when discovering new information, and determine clear response actions for the analyst to take.
- Automated and agentic investigations and responses through the integration of Purple AI with Singularity Hyperautomation (preview) – Purple AI integrates seamlessly with Singularity Hyperautomation to execute customer pre-approved workflows to both conduct agentic investigations, validating hypotheses through actions such as contacting expert analysts via Slack, and to proactively surface pre-approved recommended actions to take.
- Creating custom detection rules (preview) – In the investigations panel, analysts can receive proactively recommended custom detection rules that can be created with a single click, allowing security teams to immediately identify and block similar attacks before they spread.
SentinelOne will also introduce new ways to bring the power of Purple AI to third-party and custom AI applications, starting with MCP servers, the first in a series of new innovations designed to extend Purple AI to other apps and platforms.
- Purple AI Model Context Protocol (MCP) Server – It provides secure, seamless integration between the Singularity platform and any AI framework or large language model. Acting as a universal translator and intelligence hub, it enables developers and partners to create personalized AI experiences, based on the full context and analytics of the SentinelOne platform. Il server Purple AI MCP open source is available today on GitHub.
