SentinelOne unveils new AI security tools for agents
SentinelOne has introduced a set of artificial intelligence security products, expanding its portfolio across AI protection, automated investigations and data handling.
The launch includes Prompt AI Agent Security, Prompt AI Red Teaming, general availability for Purple AI Auto Investigation, and AI data pipeline functions within Singularity AI SIEM. Together, the products are aimed at securing AI systems and using AI in security operations.
As companies move quickly to deploy AI tools in daily operations, product development and internal workflows, security teams are managing a broader attack surface. That shift has increased demand for tools that can monitor AI agents, test AI applications for weaknesses and automate parts of incident response.
Agent controls
Prompt AI Agent Security is designed as a control layer for AI agents and agentic workflows. It is intended to give organisations visibility into AI agent activity, assess risk and enforce policy across the environments where those agents operate.
The product also includes real-time monitoring of interactions and is aimed at preventing unauthorised actions before they occur. Preview features are expected to let customers manage the posture of AI agents and automatically respond to risky behaviour, such as an agent sending company data to an external destination or escalating privileges across enterprise systems.
Alongside that release, Prompt AI Red Teaming is aimed at security and product teams building their own AI applications. It is designed to test AI-specific threats that are not fully covered by conventional application security methods.
The offering can simulate attacks such as prompt injection, jailbreaks, privilege escalation and data poisoning. It is also intended to support ongoing evaluation of AI systems as models change and new threats emerge.
Investigation tool
SentinelOne has also moved Purple AI Auto Investigation into general availability. Integrated into the Singularity platform, it allows analysts to trigger a full investigation with a single action.
The tool gathers evidence across different data sources, compiles attack timelines and produces verdicts that can trigger remediation through SentinelOne's automation tools. The process remains under analyst oversight.
Purple AI has been a central part of the company's broader security platform for some time. On its fourth-quarter earnings call for fiscal 2026, SentinelOne said Purple AI was included in more than 50% of all licences sold in the quarter, which it described as a record attach rate.
That figure suggests the product is becoming a larger part of SentinelOne's commercial strategy as it seeks to embed AI-led analysis more deeply into customer security operations. The latest auto-investigation release is intended to reduce investigations that previously took hours or days to minutes or seconds.
Purple AI Auto Investigation is available to existing Purple AI Analyst customers without additional deployment or configuration.
Data pipeline
Another part of the launch focuses on data processing within security information and event management systems. Following its acquisition of Observo AI, SentinelOne is integrating AI-native data pipeline functions into Singularity AI SIEM.
The combined setup includes pre-ingestion analytics, flexible data collection, filtering, enrichment and normalisation before information reaches the wider platform. SentinelOne says this can cut data noise by up to 80% before ingestion, with the aim of lowering infrastructure costs and improving analysis across third-party data sources.
The move reflects a broader trend in the cyber security market, where vendors are trying to reduce the cost and complexity of storing and processing growing volumes of machine-generated security data. Handling that data earlier in the pipeline has become a key selling point in SIEM competition, especially as AI-driven analysis requires large, well-prepared datasets.
Market forecasts cited by SentinelOne point to rapid growth in AI-related cyber security spending over the next several years. The company referenced Gartner projections showing AI cyber security as one of the faster-growing segments of AI expenditure, with spending expected to rise at a 73.9% compound annual growth rate from 2024 to 2029.
That backdrop is shaping competition among cyber security companies, which now need to address two linked challenges: protecting AI tools themselves and using AI to manage increasingly complex security operations. SentinelOne's latest releases are aimed at both, from governance of autonomous agents to automated investigations and earlier-stage data filtering.
"From our founding SentinelOne has embraced AI and automation to give those that defend our world a deciding operating advantage," said Tomer Weingarten, Co-Founder and CEO, SentinelOne. "Many of the world's largest and most critical organisations trust SentinelOne's AI Security portfolio to safeguard AI use and amplify human defenders. With these new innovations, they can now ingest and sanitise security source data on the fly into the Singularity Platform, and have complete human supervised agentic investigations to bring their security operations to machine speed - today. These new innovations build on our proven and production-grade foundation, to ensure customers can confidently harness the full power of AI today, knowing their initiatives are secure, well-governed, and resilient against future threats."