Today, on the main stage at OneCon 2025, SentinelOne is taking the wraps off its vision, roadmap, and new portfolio for securing an AI-powered world. From securing AI tools, applications, and agents to transforming and automating security operations, SentinelOne’s AI Security strategy and new innovations will help customers accelerate and de-risk their AI advantage.
Introducing a new portfolio for securing AI, new AI-ready data pipelines, the expansion of Purple AI, SentinelOne’s category-best agentic security analyst, the debut of new AI-powered threat detection and response managed services, and more, the new innovations revealed at OneCon 2025 will focus on how our customers and partners can both secure AI systems and achieve autonomous security today.
Securing AI: New Prompt Security Offerings
At OneCon 2025, SentinelOne is putting customers in control of AI in their organization by introducing a new suite focused on securing known and shadow GenAI use, coding, data leakage, agents and more.
- Prompt Security for Employees – Delivers real-time visibility and control over employee GenAI usage. Supporting more than 15,000 AI sites, it detects and eliminates shadow AI risks and prevents sensitive data exposure.
- Prompt Security for AI Code Assistants – Secures the use of GenAI coding tools by instantly redacting secrets, PII, and IP from code to prevent data leaks. Its real-time Vulnerable Code Scanner blocks insecure or malicious AI-generated outputs before production, helping developers code faster and safer while maintaining organizational control and compliance.
- Prompt Security for AI Applications – Protects custom-built AI solutions, from chatbots to complex automations, against emerging threats like denial-of-wallet and remote code execution (RCE).
- Prompt Security for Agentic AI (Beta) – Provides real-time visibility, risk assessment, and governance for autonomous AI agents built on the Model Context Protocol (MCP) – the first comprehensive solution to secure, monitor, and control agentic AI operations at machine speed.
New AI-Ready Data Pipeline: Integrating Observo AI & Singularity AI SIEM
Following the recent acquisition of Observo AI, SentinelOne is introducing the first integration into its Singularity
Platform, giving customers a new AI-native data platform to reimagine how they collect, enrich, and act on data across their entire security ecosystem and power their agentic security operations.
Observo AI’s Integration with Singularity AI SIEM, unites intelligent AI-native streaming data control with agentic AI-powered analytics and orchestration, optimizing data pipelines for enhanced threat detection and autonomous response across all security data. Observo AI efficiently ingests and normalizes petabytes of data from any source, then prioritizes and routes what matters most into Singularity AI SIEM. This unique, transformative combination creates the only SIEM on the market to provide both pre-ingestion analytics and flexible pull/stream data collection.
Expanding Purple AI & New Model Context Protocol Innovations
SentinelOne will also showcase the latest advancements in Purple AI’s agentic triaging, investigations, and workflows, bringing together human-level reasoning with orchestration and automated response. Building on Purple’s agentic roadmap, the capabilities are focused on cutting detection, investigation, and response from hours to minutes for analysts.
- In-line Agentic Auto-investigations with Dynamic Reasoning (Preview) – End-to-end one-click agentic investigations spanning discovery, alert assessment, hypothesis validation, impact analysis, recommended response, and proactive custom rule creation. Purple AI shifts the paradigm from human work assisted by AI to AI work approved by humans, with every step and conclusion clearly documented in a single investigation canvas for human approval.
- Automated and agentic investigations and response through Purple AI’s integration with Singularity Hyperautomation for Agentic Investigations & Response Actions (Preview) – Purple AI seamlessly integrates with Singularity Hyperautomation to execute pre-approved customer workflows to both conduct its agentic investigations, validating hypotheses via actions such as contacting human defenders via Slack, and to agentically surface pre-approved recommended actions to execute.
- Agentic Custom Detection Rule Creation (Preview) – In the investigation pane, analysts can receive agentically recommended custom detection rules that can be created with a single click, enabling security teams to immediately identify and stop similar attacks before they spread.
- Purple AI Model Context Protocol (MCP) Server (Generally Available) – Provides secure, seamless integration between the Singularity Platform and any AI framework or large language model. Acting as a universal translator and intelligence hub, it empowers developers and partners to build custom agentic AI experiences powered by the full context and analytics of SentinelOne’s platform. The open-source Purple AI MCP Server is available today on GitHub.
Managed Services for the AI Era: Wayfinder Threat Detection & Response
Wayfinder combines elite human expertise with agentic AI to deliver next-generation managed services. Built on SentinelOne’s telemetry and Google Threat Intelligence, Wayfinder provides AI-powered threat hunting, MDR, and incident response, enabling faster detection, smarter response, and adaptive defense – empowering teams to focus on high-value priorities.
Managing Attack Paths: Mapping Risks & Securing Cloud Data
As cloud-native AI services gain adoption, SentinelOne is advancing unified exposure management with an upcoming release of Cloud Attack Paths and Data Security Posture Management (DSPM) in Singularity Cloud Security. Together, these capabilities deliver an intelligent cloud defense – mapping how interconnected exposures create exploitable pathways to sensitive data. By revealing critical exposures, Singularity Cloud Security empowers threat analysts to see what attackers see, anticipate lateral movement, and eliminate risks wherever they originate and before they can take shape. With AI-powered protections, deflect threats in real time and stop attacks in their tracks
Contextualizing the Identity Surface: Singularity Identity
The next evolution of Singularity Identity is here: a comprehensive solution that unifies all of SentinelOne’s identity security capabilities into one cohesive and contextual security experience. Delivering real-time detection and response, continuous posture assessments, and proactive risk management across hybrid environments, our solution uncovers threats faster while providing security teams with full visibility and protection across their environment. Our full identity profile now features policy-based conditional access – now in beta and purpose-built for dynamic, zero-trust environments.
Conclusion
OneCon25 showcases the next chapter in cybersecurity. With many innovations showcased this year, SentinelOne is delivering AI-native solutions that transform detection, response, and protection across endpoints, cloud, and enterprise systems. By combining automation, intelligence, and human expertise, organizations can act faster, secure smarter, and embrace AI-driven innovation without compromise, making the vision of autonomous, adaptive security a reality today.
Forward Looking Statements
This blog post includes forward-looking statements including, but not limited to, statements concerning our current and future products and services. Forward-looking statements are subject to risks and uncertainties that could cause actual performance or results to differ materially from those expressed in or suggested by the forward-looking statements. These and other risk factors are described in the “Risk Factors” section of our most recent Annual Report on Form 10-K, subsequent Quarterly Reports on Form 10-Q, and other filings made with the U.S. Securities and Exchange Commission (SEC), which are available free of charge on the SEC’s website at www.sec.gov.
You are cautioned not to place undue reliance on these forward-looking statements. Any future products, functionality and services may be abandoned or delayed, and as such, you should make decisions to purchase products and services based on features that are currently available. Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date hereof. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.