SentinelOne, the AI Security leader, recently revealed a new line up of AI security offerings, all designed to give defenders a decisive advantage. Covering both security for AI and the use of AI to automate and transform security operations, the new offerings build on SentinelOneโs market-leading AI security portfolio. From securing autonomous agents to executing full agentic investigations with a single click of a button, all the new offerings are on display at RSAC 2026.
As organisations race to embrace AI to speed innovation, scale operations and boost productivity, AI itself has become the new attack surface and primary source of risk. Not surprisingly, Gartner has reported that AI Cybersecurity โ defined as both securing AI and AI-amplified security โ will be amongst the most significant and fastest growing markets in all AI spend over the next few years. In a January 2026 forecast, Gartner projected that AI cybersecurity spend will grow at an impressive 73.9% CAGR from 2024-2029, more than double that of AI spend overall.
New Prompt AI Agent Security
Building upon SentinelOneโs holistic end-to-end approach to securing AI, Prompt AI Agent Security provides a new, real-time discovery and governance control plane for AI agents and agentic workflows. It takes advantage of the same Autonomous Security Intelligence that powers SentinelOne across endpoint, cloud, and identity, extending that proprietary AI and automation into the agentic layer โ monitoring, controlling, and enforcing policy on agent interactions in real time, at machine speed. The result is full visibility, risk assessment, and policy enforcement in every MCP server operating across a customerโs environment. Also in preview, customers can manage the posture of every AI agent and agentic workflow and automatically remediate agentic behaviour before unauthorised actions occur like an OpenClaw agent sending corporate data to an external endpoint without user awareness, or a Claude Cowork agent escalating privileges across enterprise systems through unauthorised action chaining.
New Prompt AI Red Teaming
Prompt AI Red Teaming gives security and product teams first-of-their-kind capabilities to test and fortify homegrown and first-party AI applications. As developers embrace the use of agents to build new tools, applications and workflows in their enterprise environments, traditional security testing is inadequate to address the inherent AI-specific threats. With Prompt AI Red Teaming, organisations can maintain their innovation advantage without exposing their business or customers to critical risks by simulating real AI attacks (prompt injections, jailbreaks, privilege escalation, data poisoning, etc.), hardening AI apps before they ship, and continuously evaluating risks (detecting model drift, emerging vulnerabilities, new attacks vectors, etc.) as models and threats evolve.
New Purple AI Auto Investigation Now GA
At RSAC 2026, SentinelOne is building on Purple AIโs lead with the general availability of new one-click Auto Investigation. Natively integrated into the Singularity Platform, this new capability allows analysts to launch complete, agentic investigations with a single click. Moving beyond rigid playbooks, Purple AI autonomously gathers cross-stack evidence, synthesises threat data, and constructs complete attack timelines in real time. It delivers clear, explainable verdicts that instantly trigger closed-loop remediation via Singularity Hyperautomationโall while maintaining strict, analyst-in-the-loop governance.
Purple AI uses an agentic framework and human-level reasoning to give security teams the advantage of speed, scale, and skills needed to stop sophisticated attacks. It also delivers intuitive human-in-the-loop automation to amplify and free up human defenders to focus on the most strategic work.
First introduced at RSAC 2023 and battle-tested in thousands of real-world SOCs and customer environments, SentinelOneโs Purple AI has become the defining agentic AI security analyst offering on the market. It has also become one of the most deployed. In SentinelOneโs Q4 FY26 earnings call, the company reported a record attach rate for Purple AI, as it was included in over 50% of all licenses sold during the fourth quarter.
Agentic Auto Investigations now embeds Purple AI reasoning into the most difficult part of security operations, allowing for a complete cross source deep forensic investigation at machine speed, and without additional data routing or extended permissions. All of this is delivered within the bounds of the fully regulated Singularity data platform and AI SIEM.
As a result, Purple AIโs new agentic Auto Investigations shrinks security investigations that took hours and days into minutes and seconds – helping defenders level the playing field and equalize the speed of AI-driven, machine speed attack.
Purple AI Auto Investigations is available for all Purple AI Analyst customers, with no further deployment or configuration needed.
New AI Data Pipelines in Singularity AI SIEM
Following the Observo AI acquisition, SentinelOne is integrating AI-native data pipeline capabilities directly into Singularity AI SIEM to offer the only SIEM on the market to provide both pre-ingestion analytics and flexible data collection in a single platform. Bundled as part of Singularity AI SIEM, this integrated AI data pipeline includes intelligent filtering, enrichment, ND normalisation all operating upstream before data reaches the Singularity Platform. This reduces data noise by up to 80% before ingestion, reducing infrastructure costs, while unlocking AI-detection and response across third party data at enterprise scale.
โFrom our founding SentinelOne has embraced AI and automation to give those that defend our world a deciding operating advantage,โ said Tomer Weingarten, co-founder and CEO of SentinelOne. โMany of the worldโs largest and most critical organisations trust SentinelOneโs AI Security portfolio to safeguard AI use and amplify human defenders. With these new innovations, they can now ingest and sanitise security source data on the fly into the Singularity Platform, and have complete human supervised agentic investigations to bring their security operations to machine speed – today. These new innovations build on our proven and production-grade foundation, to ensure customers can confidently harness the full power of AI today, knowing their initiatives are secure, well-governed, and resilient against future threats.โ
