SentinelOne, a global leader in AI-native security, announced its plans to acquire Observo AI, a category-defining platform that powers next-generation telemetry pipeline management. The move is expected to accelerate SentinelOne’s AI SIEM and data offerings, which are among the company’s fastest-growing solutions and contributed significantly to quarterly bookings in Q2 FY26. By integrating Observo AI’s real-time data streaming capabilities, SentinelOne aims to usher in a new era of open, intelligent, and autonomous security operations, transforming how security operations centers (SOCs) collect, enrich, and act on critical data across their ecosystems.
The acquisition comes at a time when SOC teams are grappling with rising costs, growing complexity, and slower response times caused by massive volumes of security data. Many organizations remain reliant on outdated data platforms that were never designed for today’s AI-enabled SOC or the increasingly sophisticated threat landscape.
Observo AI addresses these challenges with an AI-native telemetry pipeline that ingests, enriches, summarizes, and routes data across the enterprise in real time before it reaches a SIEM or data lake. This approach reduces costs, enhances detection capabilities, and enables faster threat response.
“Security is, at its heart, a data problem, and legacy, rules-based data pipeline platforms simply weren’t built for today’s ever-growing attack surface and data-rich security operations,” said Tomer Weingarten, CEO and Co-founder of SentinelOne. “Observo AI is miles ahead of its rivals and will uniquely benefit customers with an AI-native data architecture, one that is open by design, intelligent by default, and built for the scale and speed needed for autonomous security operations. As a result, we can deliver significant new customer and partner value – and customer and partner choice – by allowing for fast and seamless data routing into our AI SIEM, or any other destination.”
Redefining the Future of Security Data Pipelines
Enterprises today generate unprecedented volumes of security and observability data across endpoints, cloud workloads, identity systems, and emerging AI applications. Traditional SIEM models, built for rigid ingestion and high storage costs, have proven inadequate for modern requirements. SentinelOne’s integration with Observo AI will give customers a modern, adaptive, and policy-driven alternative designed for the Autonomous SOC.
Key benefits for customers will include:
- Seamless Data Integration: Observo AI supports open formats such as OCSF, JSON, OTLP, and Parquet, enabling organizations to route data freely across SIEMs, data lakes, cloud platforms, and security tools, eliminating vendor lock-in.
- AI-Powered Enrichment at the Source: Real-time classification, masking, correlation, and summarization ensure that only the most relevant telemetry is sent downstream, resulting in sharper detection, faster response, and reduced costs.
- Cost-Efficient Operations: By intelligently reducing data volume by up to 80 percent while preserving the ability to rehydrate full logs on demand, enterprises gain both efficiency and deep historical context.
- Scalable Security and Compliance: Centralized fleet management, automated discovery of new data types, and PII masking enhance governance and strengthen enterprise-wide security posture.
- Empowering Analysts and AI Agents: With natural language querying, context-aware anomaly detection, and AI-driven enrichment, Observo AI supports both human analysts and machine intelligence, enabling faster and smarter decision-making.
Strengthening SentinelOne’s AI-Native Foundation
This acquisition builds on SentinelOne’s investment in hyperscale data infrastructure within its Singularity Platform. Observo AI’s intelligent, policy-driven pipeline will extend this foundation, delivering real-time data enrichment, filtering, and routing before it reaches storage or analytics layers. The result is a powerful end-to-end architecture that reduces costs, accelerates insights, and enhances control across the entire security data lifecycle.
Looking ahead, the combined capabilities will also pave the way for agentic AI workflows where autonomous agents leverage enriched, real-time data to detect, decide, and respond with human-level reasoning at machine speed.
“Observo AI was born in the AI and cloud era to help security and DevOps teams tackle previously unimaginable data problems as a means of defending an ever-growing attack surface,” said Gurjeet Arora, co-founder and CEO of Observo AI. “Bringing together Observo’s AI-native data pipeline with the world’s best AI-native cybersecurity platform is a huge win for customers and an opportunity for our team to work with an unprecedented network of partners, sellers and fellow innovators. As part of SentinelOne, we have a rare opportunity to define the future of autonomous security and solve the data problems that make that possible.”
“This acquisition marks the next phase in SentinelOne’s vision to build the most autonomous, open, AI-powered security platform in the industry,” added Weingarten.