According to CRN, SentinelOne unveiled a major suite of AI security products at its OneCon 2025 conference in Las Vegas this week, building on its recent $180 million acquisition of Prompt Security and $225 million Observo AI deal. The company launched three generally available AI security products including Prompt Security for Employees to combat shadow AI across 15,000+ services, plus beta access for agentic AI security. SentinelOne also debuted its Wayfinder managed services portfolio in partnership with Google Cloud, expanded Purple AI with agentic auto-investigations now in preview, and released an open-source MCP server on GitHub. These moves position SentinelOne as a centralized platform for orchestrating security tools while leveraging both AI agents and human expertise for autonomous threat detection and response.
The platform consolidation strategy
Here’s the thing about SentinelOne’s latest moves – they’re not just adding features. They’re executing a deliberate strategy to become the central nervous system for security operations. CEO Tomer Weingarten told CRN back in October that they’re moving aggressively to orchestrate all security tools and data sources. Basically, they want to be the platform that everything else plugs into. And they’re betting that AI agents will make a lot of traditional security tools irrelevant over time. That’s a bold statement coming from someone whose company has been selling security tools for years. But it shows where they think the market is heading – toward autonomous, AI-driven security that doesn’t require constant human intervention.
Buying their way into AI security
The Prompt Security and Observo AI acquisitions weren’t just random purchases – they were strategic bets on specific AI security capabilities that SentinelOne needed fast. The Prompt Security deal gives them immediate visibility into how employees are using AI tools across an organization. That’s huge because shadow AI has become a massive security headache for companies trying to control data exposure. Meanwhile, the Observo AI integration into Singularity Platform creates what SentinelOne claims is “the only SIEM on the market” that can analyze data before it’s even added to the system. They’re essentially building a real-time data processing engine that can handle the massive volumes of security data that AI agents need to operate effectively.
The managed services angle
Now here’s where it gets really interesting for partners. The Wayfinder Threat Detection and Response portfolio represents SentinelOne’s push deeper into managed services. They’re combining their AI and agentic capabilities with what they call “elite-level” cybersecurity professionals. And the Google Cloud partnership brings Google Threat Intelligence into the mix. This creates a pretty compelling offering for MSSPs who might not have the resources to build this level of AI-powered detection themselves. The four-tier approach – from Essentials to Elite – gives partners flexibility in how they want to engage. It’s smart positioning because not every customer needs the full premium service, but they all want some level of AI enhancement.
Betting big on agentic AI
SentinelOne isn’t just talking about AI – they’re going all-in on agentic capabilities. The Purple AI expansions with auto-investigations and the MCP server release show they’re thinking about how AI agents will actually work in practice. The MCP server in particular is significant because it makes their platform accessible to any AI framework or LLM that supports the Model Context Protocol. That’s basically creating an ecosystem play – if developers can easily build on top of SentinelOne’s data and analytics, they become the default platform for security-focused AI applications. It’s a clever move that could lock in their position as the underlying infrastructure for whatever comes next in AI security.
