Dubai, United Arab Emirates, SentinelOne, the leader in AI-native cybersecurity, announced its vision, roadmap, and new portfolio for securing an AI-powered world at OneCon 2025. From securing AI tools, applications, and agents to transforming and automating security operations, SentinelOne’s AI Security strategy will help customers accelerate and derisk their AI advantage.

All of the announcements and innovations at OneCon 2025 will focus on how organizations can both secure AI systems and achieve autonomous security today. These include the introduction and general availability of a new portfolio for securing AI, new AI-ready data pipelines and orchestration through the integration of Observo AI and Singularity AI SIEM, the expansion of Purple AI, SentinelOne’s category-best agentic security analyst, and the debut of new Wayfinder AI-powered threat detection and response managed services.

“SentinelOne has long believed that enterprises should be able to capitalize on the transformative power of AI with confidence. And that means empowering them to master two security disciplines at once – Security for AI and AI for Security,” said Tomer Weingarten, CEO of SentinelOne. “At OneCon 2025, we’re not just laying out a future vision for AI Security, we’re delivering the platform, tools, strategies and services they need to build, secure and capitalize on AI today, in a simple, fast and secure way.”

New portfolio for securing AI

AI models, prompts, agents, and data pipelines have become the new attack surface. At the same time, security teams are overwhelmed by the inherent data, complexity, and speed of AI risks.

At OneCon 2025 SentinelOne is putting defenders in control of the AI boom, unveiling a new security suite focused on securing known and shadow GenAI use, coding, data leakage, agents and more. This will include three new generally available offerings and one in beta, to make the promise of AI security a reality today.

Prompt Security for Employees delivers real-time visibility and control over employee GenAI usage. Supporting more than 15,000 AI sites, it detects and eliminates Shadow AI risks and prevents sensitive data exposure. Prompt Security for AI Code Assistants secures the use of GenAI coding tools by instantly redacting secrets, PII, and IP from code to prevent data leaks. Its real-time Vulnerable Code Scanner blocks insecure or malicious AI-generated outputs before production, helping developers code faster and safer while maintaining organizational control and compliance.

Prompt Security for AI Applications protects custom-built AI solutions, from chatbots to complex automations, against emerging threats like denial-of-wallet and remote-code execution and Prompt Security for Agentic AI (Beta) provides real-time visibility, risk assessment, and governance for autonomous AI agents built on the Model Context Protocol (MCP), the first comprehensive solution to secure, monitor, and control agentic AI operations at machine speed.

New AI-ready Data Pipeline

Following the recent acquisition of Observo AI, SentinelOne is introducing the first integration into its Singularity Platform, giving customers a new AI-native data platform to power their agentic security operations and reimagine how they collect, enrich, and act on data across their entire security ecosystem.

Observo AI Integration with Singularity AI SIEM unites intelligent AI-native streaming data control with agentic AI-powered analytics and orchestration, optimizing data pipelines for enhanced threat detection and autonomous response across all security data. Observo AI’s revolutionary streaming architecture efficiently ingests and normalizes petabytes of data from any source, then prioritizes and routes what matters most into Singularity AI SIEM. This unique, transformative combination creates the only SIEM on the market to provide both pre-ingestion analytics and flexible pull/stream data collection.

New and Expanded Purple AI Capabilities

SentinelOne will also showcase significant new capabilities to its popular, category-defining agentic AI security analyst, Purple AI at OneCon 2025 all designed to help security teams stay ahead of sophisticated attacks with autonomous security.

These will feature the latest advancements in Purple AI’s agentic triaging, investigations, and workflows, bringing together human-level reasoning with orchestration and automated response. Building on Purple’s agentic roadmap, the capabilities are focused on cutting detection, investigation, and response from hours to minutes for analysts, enabling humans to focus on the critical high-stakes incidents requiring human expertise.

In-line Agentic Auto-investigations with Dynamic Reasoning (Preview) – End-to-end one-click agentic investigations spanning discovery, alert assessment, hypothesis validation, impact analysis, recommended response, and proactive custom rule creation. Purple AI shifts the paradigm from human work assisted by AI to AI work approved by humans, with every step and conclusion clearly documented in a single investigation canvas for human approval. Purple’s AI agents enable it to reason through problems, dynamically pivot with high accuracy when it discovers novel information, and determine clear response actions for human execution.

Automated and agentic investigations and response through Purple AI’s integration with Singularity Hyperautomation (Preview) – Purple AI seamlessly integrates with Singularity Hyperautomation to execute pre-approved customer workflows to both conduct agentic investigations, validating hypotheses via actions such as contacting human defenders via Slack, and to agentically surface pre-approved recommended actions to execute.

Agentic custom detection rule creation (Preview) – In the investigation pane, analysts can receive agentically recommended custom detection rules that can be created with a single click, enabling security teams to immediately identify and stop similar attacks before they spread.

SentinelOne will also introduce new ways to bring the power of Purple AI to third-party and custom AI applications, starting with MCP Servers, the first in a series of new innovations designed to extend Purple AI to other apps and platforms.

Purple AI Model Context Protocol (MCP) Server – Provides secure, seamless integration between the Singularity Platform and any AI framework or large language model. Acting as a universal translator and intelligence hub, it empowers developers and partners to build custom agentic AI experiences powered by the full context and analytics of SentinelOne’s platform. The open-source Purple AI MCP Server is available today on GitHub.

SentinelOne is a leading AI-powered cybersecurity platform. Built on the first unified Data Lake, SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations—including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments—trust SentinelOne to Secure Tomorrow™. Learn more at sentinelone.com.