SentinelOne is an autonomous cybersecurity platform that uses AI to provide endpoint protection, detection, and response across enterprise environments. Founded in 2013 by Tomer Weingarten and Almog Cohen and headquartered in Mountain View, California, SentinelOne delivers what it terms autonomous endpoint protection, where AI models running directly on each endpoint can detect and respond to threats without requiring cloud connectivity or human intervention. Its Singularity platform unifies endpoint protection (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) into a single agent and console.

SentinelOne's AI engine uses multiple detection mechanisms, including static AI for pre-execution file analysis, behavioral AI for runtime threat detection, and machine learning models that identify malicious patterns across process trees, file operations, network activity, and registry changes. A distinguishing capability is its Storyline technology, which automatically correlates related events into structured attack narratives, providing security analysts with a complete timeline and context for each detected threat without manual investigation. The platform also features automated remediation and rollback capabilities that can reverse malicious changes, including ransomware encryption, restoring affected systems to their pre-attack state. Purple AI is SentinelOne's generative AI security analyst that enables natural language threat hunting, investigation, and response across the platform's data lake.

SentinelOne supports Windows, macOS, Linux, Kubernetes, and cloud workloads. The platform integrates with a broad ecosystem of security tools through its Singularity Marketplace. Pricing is structured in tiers: Singularity Core, Singularity Control, and Singularity Complete offer progressively more features, and enterprise pricing is available on request.
AI Analytics Tools
SentinelOne provides advanced security analytics through its Storyline technology, which automatically correlates events into structured attack narratives, and its data lake that stores and enables querying of security telemetry. Purple AI allows analysts to conduct natural language threat hunting and investigation across historical and real-time security data.
AI Automation Tools
SentinelOne automates the entire threat lifecycle from detection through response and remediation. Its autonomous response capabilities can quarantine threats, kill malicious processes, and roll back ransomware encryption without human intervention. Purple AI further automates threat hunting and investigation through natural language queries across security telemetry.
AI Cybersecurity
SentinelOne provides autonomous AI-powered endpoint protection that detects and responds to threats without requiring cloud connectivity or human intervention. Its multi-layered AI engine combines static analysis, behavioral detection, and machine learning to identify both known and novel threats, while Storyline technology automatically reconstructs complete attack narratives for rapid investigation.
Tool Details (Paid)
Pricing: Custom pricing by tier (Core / Control / Complete / Enterprise)
Platform: SaaS, API
Headquarters: Mountain View, California
Founded: 2013
API Available: Yes
Enterprise Plan: Yes
Overall rating: 4.5 (1 review)
Insight Accuracy: 4.8
Ease of Integration: 4.5
Data Processing Speed: 4.3
Customization Options: 4
User Interface Clarity: 3.8
Claude Opus 4.6
AI Review
4.5/5
SentinelOne is a leading AI-powered cybersecurity platform that delivers autonomous endpoint protection, detection, and response. Its Singularity XDR platform leverages behavioral AI models to detect and neutralize threats in real-time without relying solely on signature-based detection, making it highly effective against zero-day attacks and advanced persistent threats.
The platform's standout feature is its automated response capability: threats can be contained, remediated, and even rolled back without human intervention, significantly reducing mean time to respond. The Storyline technology provides excellent forensic context by mapping attack chains visually, which is invaluable for security analysts.
SentinelOne offers a robust API for integration with SIEM, SOAR, and other security tools, enabling flexible workflow automation. The Purple AI assistant adds natural language querying for threat hunting, lowering the barrier for less experienced analysts.
On the downside, custom enterprise pricing can be steep for smaller organizations, and the learning curve for fully leveraging advanced features is notable. Console performance can occasionally lag with large-scale deployments. Still, SentinelOne consistently ranks among the top EDR/XDR solutions and delivers exceptional autonomous protection.