SentinelOne Brings Deep Security Reasoning, Agentic Detection and Response, and Hyperautomation Workflows to Any SIEM or Data Source with Purple AI 'Athena’ Release

SAN FRANCISCO--(BUSINESS WIRE)--(RSAC 2025) - SentinelOne® (NYSE: S), a global leader in AI-powered security, today revealed the next generation of Purple AI – the Purple AI 'Athena' release – showcasing the first agentic AI capabilities to mirror the deep security reasoning and sophisticated orchestration of advanced SOC analysts. Announced at RSA Conference 2025, these innovations build on Purple AI’s native agentic capabilities to help overstretched SecOps teams by automating and dramatically accelerating the end-to-end work of triaging, investigating, and responding to threats. The Purple AI 'Athena' release will also open up Purple AI to 3rd party SIEM platforms and data lakes – bringing the full power of SentinelOne’s agentic AI and automation to all security data in the modern SOC, wherever it resides.

Since its unveiling at RSA Conference 2023, Purple AI has benefited from AI agents and its own proprietary agentic AI framework to meet the demands of real-world cybersecurity teams. SentinelOne has continually built on this agentic framework and real-world experience, introducing agent-based innovations like Purple AI Auto Triage and Purple AI Auto Investigate, which were announced in October 2024 at SentinelOne’s OneCon event.

The Purple AI 'Athena' release is being showcased and demoed at SentinelOne’s booth N-5863 and is part SentinelOne’s broader Agentic AI strategy being rolled at RSAC 2025 – one designed to deliver three primary sets of AI and automation capabilities:

• Deep security reasoning at machine speed – The Purple AI 'Athena' release mirrors the iterative thinking and deductive reasoning of experienced SOC analysts. Tapping into Purple AI’s security models and agentic framework, it can intelligently execute full investigations of suspicious activity across multiple sources, orchestrate multi-step response actions, and remediate threats in seconds rather than hours. This agentic deep security reasoning is fine-tuned by the combination of advanced neural networks working across trillions of security relevant data points, along with a broad human feedback loop made up of a global network of elite security professionals. The result is a level of autonomous SecOps that scales overstretched teams and dramatically reduces mean time to respond (MTTR). Purple AI’s Auto Triage, which was made generally available this week, taps into this deep security reasoning to autonomously conduct AI Similarity Analysis on alerts to identify similar threats and determine the likelihood of a true positive for prioritization.
• Full-loop remediation and response with hyperautomation – Purple AI’s agentic AI system harnesses the no-code, automated workflow capabilities of SentinelOne’s Singularity Hyperautomation to create novel detection rules and to transform insights from agentic auto-investigations into autonomous, full-loop work. Purple AI’s agentic Auto-Triage and Auto-Investigations capabilities deliver summaries of results and steps taken and will prompt human analysts with the option to to turn one-time tasks, responses, and insights into hyperautomation workflows. The agentic system investigates and resolves alerts, and learns over time to autonomously remediate better on behalf of analysts. As a result, security teams can go beyond rudimentary rules-based automation to automating fully orchestrated investigations and response.
• Seamless, data source agnostic integration – With the Purple AI 'Athena' release, SecOps teams can tap directly into third party SIEMs, security data lakes and other security data sources – bringing the full power of Purple AI’s intelligence, agentic framework and the automation of the SentinelOne Singularity platform to all security data in the SOC. Alerts are ingested and correlated immediately, and from there Purple AI applies real-time streaming analytics and full-loop remediation. This opens the door for SentinelOne Singularity customers to avoid costly migrations or middleman pipelines while benefiting from instant time to value, and immediate security outcomes across the entire environment.

Purple AI’s Data Advantage - Agentic from the start, battle-tested in production environments

Broad production-level adoption of Purple AI over the past 2 years has enabled SentinelOne to create highly sophisticated and security-specific models trained on real-world security use cases. This is bolstered by SentinelOne’s highly differentiated sensor architecture, designed for granular, customer-specific tuning of telemetry streamed directly from endpoints and cloud workloads – and seamlessly integrated into the cloud-native data pipelines of SentinelOne’s AI SIEM. This results in a vast and unique data set that is continuously tuned, refined and optimized using a closed-feedback loop made up of SentinelOne’s elite MDR team together with its extensive global partner network of top MDR partners.

With the Purple AI 'Athena' release, SentinelOne will build on this proprietary foundation to execute the most comprehensive set of sophisticated agentic AI workflows in the cybersecurity industry. The Purple AI 'Athena' release will expand on Purple AI’s agentic capabilities to provide: AI-powered Data Integrations, Auto-Threat Hunting and Detections, Auto-Triage and Auto-Investigations, Novel Detection Rule Creation, Auto-Response and Reporting, and AI-powered Support.

“AI and automation have long held the promise of fundamentally transforming security operations and supercharging analysts to detect and respond – at machine speed – to threats from even the most sophisticated nation state adversaries and cyber criminals. At RSA, we’re revealing the industry’s first true end-to-end agentic AI cybersecurity platform built on over a decade of security expertise – and we’re bringing it to all security data in the modern SOC,” said Tomer Weingarten, co-founder and CEO of SentinelOne. “By delivering agentic AI automation and orchestration capable of reasoning and responding like an advanced security analyst, we believe humans get empowered even more as they assume supervision of these systems - an important role that will also shape the coming generation of security service providers.”

A video demonstration of the Purple AI 'Athena' release in action can be seen on the SentinelOne blog.

About SentinelOne

SentinelOne is a leading AI-powered cybersecurity platform. Built on the first unified Data Lake, SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations—including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments - trust SentinelOne to Secure Tomorrow™. Learn more at sentinelone.com.

This press release contains forward-looking statements. The achievement or success of the matters covered by such forward-looking statements involve risks, uncertainties and assumptions. If any such risks or uncertainties materialize or if any of the assumptions prove incorrect, our results could differ materially from the results expressed or implied by the forward-looking statements. Please refer to the documents we file from time to time with the SEC, in particular, our Annual Report on Form 10-K and our Quarterly Reports on Form 10-Q. These documents contain and identify important risk factors and other information that may cause our actual results to differ materially from those contained in our forward-looking statements. Any unreleased products, services or solutions referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase SentinelOne products, services and solutions should make their purchase decisions based upon offerings that are currently available.