SentinelOne OneCon 2025: Redefining the Future of AI-Driven Security
Democratization of data – Observo AI has entered the chat
At WWT, our teams have leaned heavily into helping organizations take back ownership of their data. SentinelOne's acquisition of the Security Data Pipeline Platform, ObservoAI, is a leap forward into the future of optimizing data pipelines for autonomous threat detection and response.
This is your organization's first stop on the way to the SOC of the Future, delivering what is most needed: visibility, flexibility and control of your data. ObservoAI brings the power of smart routing to your team's fingertips by giving you complete control of the data. Simultaneously, it delivers that data in the right format to the destination that makes the most sense for you.
While the SDPP can be a standalone purchase for your environment, don't sleep on what brought us to this data conversation in the first place: their AI SIEM offering. Combining ObservoAI with AI SIEM breaks down silos in your architecture and is the cheat code for unlocking value in your organization's security data built for your AI-enabled SOC.
Prompt Security is leading the charge in AI security
With the acquisition of Prompt Security, SentinelOne plants a bold flag in the AI security landscape. The message is clear: while organizations can adopt any component of the Singularity platform, SentinelOne's vision is to become the security platform of choice. You can either come for the EDR, SIEM, or SDPP and stay for the AI Security, or you can lean into the entirety of the Singularity platform, fit to secure your enterprise across Deception, Cloud Workloads, and Identity Protection.
Prompt Security has three offerings generally available now:
- Prompt Security for Employees
- Prompt Security for AI Code Assistants
- Prompt Security for Homegrown AI Applications
- And soon, Prompt Security for Agentic AI (in beta) that will deliver visibility and governance for AI agents that leverage Model Context Protocol (MCP).
The expanding use cases and the many shades of Purple AI
As Tomer Weingarten, CEO of SentinelOne, said, "SentinelOne has long believed that enterprises should be able to capitalize on the transformative power of AI with confidence. And that means empowering them to master two security disciplines at once – Security for AI and AI for Security."
That dual mission is anchored by the evolution of Purple AI. The capability for Purple to provide in-line agentic auto-investigations with dynamic reasoning is impressive enough, but the ability to conduct end-to-end investigations from discovery to impact analysis, response recommendations and rule creation is nothing short of transformational.
The maturation of Singularity Hyperautomation has forged the integration with Purple AI to provide agentic investigation and response, along with the debut of custom detection rule creation that bridges human intuition and machine precision.
Building on this foundation, SentinelOne's expansion of Purple AI through the new Model Context Protocol (MCP) Server opens the door for true interoperability between Singularity and the broader AI ecosystem. Acting as a context bridge between SentinelOne's analytics and any LLM or AI framework, MCP allows teams to build their own agentic AI applications that can reason, respond, and act using real security telemetry. It's available open-source on GitHub and signals SentinelOne's intent to make Purple AI not just a feature - but a framework.
Conclusion
When the conference lights dimmed and OneCon wrapped, I left feeling inspired, excited and relieved.
- Inspired by the energy of the practitioners and engineers on the show floor — from the finals of the Sentinel League Threat Hunting Championship to the conversations about the future of autonomous SOCs.
- Excited by the passion of leaders like Steve Stone, evangelizing the reimagined Wayfinder Threat Detection and Response Services and security juggernauts of the world, Mike McGrail, breaking down the architecture behind AI SIEM.
- Relieved not just because I left Las Vegas, even on my wallet, but because SentinelOne's leadership clearly understands the weight of their role in protecting the world's most critical organizations with their customer-first, partner-always approach.
SentinelOne isn't just keeping up with the pace of innovation - it's setting it. And after OneCon 2025, that's never been more evident.