SentinelOne to Acquire Observo AI to Revolutionize SIEM and Security Operations
Best-in-class, AI-native data pipeline platform will build on SentinelOne鈥檚 AI advantage by turbo charging ingestion, enriching telemetry, and automatically adapting to evolving threats
The announcement comes as security operations teams struggle with costs, complexity and delays created by ever increasing security data volumes 鈥� forcing compromises that reduce visibility, limit protection and slow response. These challenges are compounded by data platforms built before the AI-enabled SOC, modern security stack, and today鈥檚 increasingly fast and sophisticated attacks.
Observo delivers an AI-native, real-time telemetry pipeline that ingests, enriches, summarizes, and routes data across the enterprise鈥攂efore it ever reaches a SIEM or data lake. This empowers customers to dramatically reduce costs, improve detection, and act faster.
鈥淪ecurity is, at its heart, a data problem, and legacy, rules-based data pipeline platforms simply weren鈥檛 built for today鈥檚 ever-growing attack surface and data rich security operations,鈥� said Tomer Weingarten, CEO and Co-founder of SentinelOne. 鈥淥bservo AI is miles ahead of its rivals and will uniquely benefit customers with an AI-native data architecture 鈥� one that is open by design, intelligent by default, and built for the scale and speed needed for autonomous security operations. As a result, we can deliver significant new customer and partner value 鈥� and customer and partner choice 鈥� by allowing for fast and seamless data routing into our AI SIEM, or any other destination.鈥�
A New Chapter in Security Data: Open. AI-Native. Autonomous.
Today鈥檚 enterprises are generating unprecedented volumes of security and observability data鈥攁cross endpoints, cloud workloads, identity systems, GenAI applications, and beyond. But for too long, telemetry has been trapped in rigid pipelines, burdened by high storage costs, siloed by proprietary formats, and limited by legacy ingestion models built for a different age.
Legacy SIEM models were built in an era of rigid ingestion, high storage costs, and manual operations. With Observo AI, SentinelOne will give its AI SIEM, XDR and standalone data customers a modern alternative to breaking down silos and unlocking the value of all security data 鈥� redefining the pipeline as policy-driven, adaptive, and optimized for the Autonomous SOC.
For customers, that means SOC teams can resolve threats faster, cut data costs dramatically, and simplify operations across the entire environment. These capabilities will be delivered at the edge, in stream, and at hyperscale, and will include:
- Freedom to Integrate Anything, Anywhere - Observo AI supports open formats like OCSF, JSON, OTLP, and Parquet鈥攁llowing enterprises to easily ingest, route, enrich, and forward telemetry to any destination, including SIEMs, data lakes, security tools, and cloud platforms. No lock-in. No compromise. Just data where it鈥檚 needed, how it鈥檚 needed.
- AI-Driven Enrichment and Filtering at the Source - Before data is stored or analyzed, it鈥檚 already working for you. Observo AI performs classification, masking, correlation, and summarization in real time using AI models鈥攅nsuring that only the most relevant, enriched, and context-rich telemetry flows downstream. That means faster detection, sharper response, and dramatically lower costs.
- Efficiency Without Sacrifice - With intelligent reduction of data volume by up to 80 percent, and the ability to rehydrate full-fidelity logs on demand, Observo AI redefines cost-efficiency. Enterprises gain the best of both worlds: lean, real-time operational pipelines鈥攁nd deep historical context available when needed.
- Fleet-Scale Security, Data Governance and Observability - Designed for enterprises with thousands of data sources, Observo AI includes centralized fleet management, zero-touch updates, PII masking, and automated discovery of new data types鈥攅nsuring data integrity, compliance, and security posture across every corner of your environment.
- Built for Human and Machine Intelligence - With natural language querying, threat enrichment, and context-aware anomaly detection, Observo AI empowers both human analysts and AI agents to act faster and smarter鈥攆ueling an ecosystem where people and machines operate in concert, not conflict.
Building on SentinelOne鈥檚 AI-Native and Data Foundation
This acquisition builds on years of investment in hyperscale data infrastructure already at the core of SentinelOne鈥檚 Singularity Platform.
Observo AI will enhance that foundation with an intelligent, policy-driven data pipeline optimized for real-time enrichment, filtering, and routing, before data ever reaches storage or analytics layers.
The result is an end-to-end architecture that ingests data from anywhere, makes it smarter in transit, and stores it with full fidelity, delivering faster insights, lower costs, and greater control across the entire security data lifecycle. This foundation also unlocks the next frontier of security: agentic AI workflows, where autonomous agents leverage enriched, real-time data to detect, decide, and respond with human-level reasoning at machine speed.
鈥淥bservo AI was born in the AI and cloud era to help security and DevOps teams tackle previously unimaginable data problems as a means of defending an ever growing attack surface,鈥� said Gurjeet Arora, co-founder and CEO of Observo AI. 鈥淏ringing together Observo鈥檚 AI-native data pipeline with the world鈥檚 best AI-native cybersecurity platform is a huge win for customers and an opportunity for our team to work with an unprecedented network of partners, sellers and fellow innovators. As part of SentinelOne, we have a rare opportunity to define the future of autonomous security and solve the data problems that make that possible.鈥�
鈥淭his acquisition marks the next phase in SentinelOne鈥檚 vision to build the most autonomous, open, AI-powered security platform in the industry,鈥� continued Weingarten.
Transaction Details
SentinelOne will acquire Observo AI for a combination of cash and stock. The transaction is expected to close in SentinelOne鈥檚 third quarter of fiscal year 2026, subject to any applicable regulatory approvals and customary closing conditions.
Forward-Looking Statements
This release relates to a pending acquisition of Observo AI (鈥淥bservo鈥�) by SentinelOne, Inc. (鈥淪entinelOne,鈥� 鈥渙ur,鈥� 鈥渨e,鈥� or 鈥渦s鈥�). This release contains forward-looking statements that involve risks and uncertainties, including statements regarding the anticipated benefits of the acquisition and the timing and closing of the acquisition. The forward-looking statements contained in this release are subject to known and unknown risks, uncertainties, assumptions, and other factors that may cause actual results or outcomes to be materially different from any future results or outcomes expressed or implied by the forward-looking statements. These risks, uncertainties, assumptions, and other factors include, but are not limited to: the effect of the announcement of the acquisition on the ability of Observo to retain key personnel or maintain relationships with customers, vendors and other business partners; risks that the acquisition disrupts current plans and operations; the ability of the parties to consummate the acquisition on a timely basis or at all; the satisfaction of the conditions precedent to consummation of the acquisition; our ability to successfully integrate Observo鈥檚 operations; our and Observo鈥檚 ability to execute on our business strategies relating to the acquisition and realize expected benefits and synergies; our ability to compete effectively, including in response to actions our competitors may take following announcement of the acquisition; and the effects of broader macro conditions.
Forward-looking statements reflect management's current expectations and information available as of the date hereof, and are inherently uncertain. Actual results could differ materially for a variety of reasons. Please refer to the documents we file from time to time with the SEC, in particular, our Annual Report on Form 10-K and our Quarterly Reports on Form 10-Q as these documents contain and identify important risk factors and other information that may cause our actual results to differ materially from those contained in our forward-looking statements. Except to the extent required by law, SentinelOne and Observo undertake no obligation to update the forward-looking statements to reflect new information or future events.
About SentinelOne
SentinelOne is a leading AI-powered cybersecurity platform. Built on the first unified Data Lake, SentinelOne empowers the world to run securely by creating intelligent, data-driven systems that think for themselves, stay ahead of complexity and risk, and evolve on their own. Leading organizations鈥攊ncluding Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments鈥攖rust SentinelOne to Secure Tomorrow鈩�. Learn more at .
Category: Investors
View source version on businesswire.com:
Investor Contact:
Saad Nazir
[email protected]
Media Contact:
Craig VerColen
[email protected]
Source: SentinelOne
