5 Big SentinelOne AI Announcements At OneCon 2025

The cybersecurity vendor is unveiling new capabilities for AI security, agentic security operations and AI-powered threat detection.

SentinelOne unveiled an array of new products Wednesday aimed at securing the usage of AI while also utilizing GenAI and agentic technologies for boosting cyber defense.

The cybersecurity vendor is debuting the products in connection with its OneCon 2025 conference, being held this week in Las Vegas. Major updates included new capabilities for AI security, agentic security operations and AI-powered threat detection.

The moves come as SentinelOne is moving aggressively to become a centralized platform for orchestrating all security tools and data sources, as a way to provide the real-time, autonomous security that partners and customers are calling for, SentinelOne Co-founder and CEO Tomer Weingarten told CRN in October.

At the same time, a large portion of the cybersecurity tools sold and deployed over the past decade could be displaced over time with the emergence of AI agents, creating massive opportunities for solution and service providers, Weingarten said during the interview.

Overall, “I think a lot of the stuff that we’ve been selling, deploying, implementing in the past decade — I think a lot of it’s going to become irrelevant,” he said. “That’s really where we see AI and the inception of agentic capabilities.”

Among the product launches announced Wednesday, several are based around recent startup acquisitions by SentinelOne while one announcement, in the area of threat detection and response, leverages a partnership with Google Cloud.

What follows are the key details on SentinelOne’s major announcements at OneCon 2025.

Prompt Security Launches

SentinelOne debuted a portfolio of AI security offerings Wednesday in connection with its $180 million acquisition of Prompt Security, announced in August.

One of the products, Prompt Security for Employees, offers enhanced visibility into GenAI usage by workers as well as prevention of data exposure. The offering for thwarting “shadow AI” supports more than 15,000 AI services and tools, SentinelOne said.

Other launches include Prompt Security for AI Code Assistants — which protects the usage of GenAI-powered coding tools — as well as security for custom-built AI software with Prompt Security for AI Applications.

Those three products are now generally available, SentinelOne said.

A fourth product, Prompt Security for Agentic AI, is now in beta. The tool delivers visibility and governance for AI agents that leverage the widely used Model Context Protocol (MCP), according to SentinelOne.

Observo AI Integration

In September, SentinelOne announced it had reached a $225 million deal to acquire Observo AI, which offers a data streaming platform that can enable AI-native management of data pipelines.

At OneCon 2025 on Wednesday, SentinelOne unveiled the first integration for Observo AI into its Singularity Platform, with new capabilities utilizing the technology in Singularity AI SIEM.

The integration aims to optimize data pipelines for autonomous threat detection and response, through bringing together streaming data control and AI-driven analytics and orchestration, the company said.

Combining the Observo AI capabilities with Singularity AI SIEM “creates the only SIEM on the market” that can analyze data before it’s added to a system while enabling flexible data collection options, SentinelOne said.

Wayfinder Threat Detection And Response

SentinelOne also used its OneCon 2025 conference to debut a new portfolio of managed services tapping into AI advancements and human expertise — as well as a partnership with Google Cloud.

The new suite of services, Wayfinder Threat Detection and Response, provides faster and more proactive cyber defense through combining AI and agentic capabilities with “elite-level” cybersecurity professionals, SentinelOne said in a news release.

The Wayfinder portfolio also gets a boost through gaining insights from Google Threat Intelligence, which provides crucial threat context to all alerts, according to SentinelOne.

The cybersecurity vendor announced four services as part of the initial Wayfinder launch. Wayfinder Threat Hunting combines human threat hunters with SentinelOne AI and Google Threat Intelligence, while Wayfinder Incident Readiness and Response provides improved post-incident assistance.

Meanwhile, Wayfinder MDR Essentials delivers enhanced AI-powered alerting and triage, and Wayfinder MDR Elite offers a “premium, high-touch MDR service” that adds incident readiness and response experts as well as threat advisors on top of the MDR Essentials service, SentinelOne said.

Purple AI Expansion

At OneCon 2025, SentinelOne debuted a major expansion of capabilities for its Purple AI security operations tool, including In-line Agentic Auto-investigations with dynamic reasoning.

The capability provides “end-to-end” investigations powered by agentic, from discovery and alert assessment to impact analysis, response recommendations and rule creation, SentinelOne said.

The vendor also debuted agentic investigation and response — made possible by an integration between Purple AI and Singularity Hyperautomation — as well as agentic—powered custom detection rule creation.

The three new Purple AI capabilities are now in preview, SentinelOne said.

Purple AI MCP Server

As MCP servers become the standard way for AI agents to easily discover and use other tools and resources, SentinelOne announced its Purple AI MCP Server to offer simplified integration between its Singularity Platform and AI frameworks or LLMs.

The Purple AI MCP Server ultimately enables partners and developers to create “custom agentic AI experiences powered by the full context and analytics of SentinelOne’s platform,” the company said in its news release.

The vendor’s open-source Purple AI MCP Server is now available on GitHub, SentinelOne said.