SentinelOne enhances AWS integration with new AI security tools
SentinelOne has expanded its collaboration with Amazon Web Services, introducing several new integrations and marketplace offerings aimed at enhancing security for organisations operating in cloud, endpoint and identity environments. The enhancements focus on strengthening AI-powered threat detection, incident response, and data visibility across distributed technology stacks.
Data and threat correlation
The Singularity Platform now supports direct integration with AWS Security Hub. Customers can stream findings from AWS Security Hub into Singularity for automated correlation with endpoint, identity, and AI telemetry. The platform enables organisations to respond more rapidly to threats and improve the efficiency of investigations by automating remediation processes. These integrations are designed to provide a unified view of security status across multiple domains, reducing the time required to detect and address incidents.
Support for the new Amazon Unified Data Lake allows customers to ingest endpoint and cloud workload telemetry directly into AWS. This integration is intended to improve overall visibility and threat detection, enabling organisations to monitor and secure distributed IT environments more effectively. By leveraging the Unified Data Lake, customers can benefit from unified security data management while maintaining flexibility in their analytics strategy.
AI-powered tools
SentinelOne has launched the Purple AI MCP Server in the AWS Marketplace. Organisations can now link Purple AI, SentinelOne's agentic analyst tool, with any AI framework or model hosted on AWS. This capability allows security teams to create custom AI-driven workflows tailored to specific requirements, leveraging SentinelOne's data and analytics for advanced threat response. The server acts as a bridge, integrating diverse AI tools and data sources with the Singularity Platform.
The Observo AI data pipeline, recently added to the AWS GenAI Marketplace, aims to address data management challenges associated with observability and security information. Observo AI applies machine learning models to filter data before ingestion, potentially decreasing the volume of data, and related costs, by up to 50%. By reducing false positives and unnecessary alerts by 80% before they reach the analytics layer, the tool is engineered to enable incident resolution approximately 40% faster, according to the company.
Simplifying procurement
By expanding its offerings in the AWS Marketplace, SentinelOne is seeking to streamline how organisations purchase and integrate new AI-powered security capabilities. All current integrations and tools are available natively via AWS Marketplace channels. Observo AI delivers immediate support for a wide range of AWS services, including CloudWatch, S3, Kinesis Data Firehose and Data Streams, SQS, SNS, Lambda, ELB, CloudFront, and Security Lake.
Customer control
SentinelOne's new integrations feature support for AWS IAM temporary delegation, simplifying set-up for AWS Security Hub connections. This approach is intended to accelerate implementation while maintaining customer oversight and data privacy: customers retain full control over required IAM resources and data flows during setup and operation.
These collective upgrades are designed to support organisations as they move towards adopting AI solutions for security operations, from endpoints to cloud workloads and generative AI applications. SentinelOne's integration strategy with AWS covers more than 20 AWS services, aiming to increase interoperability and reduce operational complexity for customers.
"Security data is the fuel that powers AI-driven, autonomous security. SentinelOne in collaboration with AWS has long believed that open platforms, open data standards like OCSF, and intelligent, unified data lakes are key to protecting customers' ever growing attack surface - from endpoints to the cloud to AI," said Ely Kahn, Chief Product Officer, SentinelOne.