Free to read. Sign up to save your progress and take knowledge-check quizzes.

Sign up free
5 min read·Updated March 27, 2026

SentinelOne

SentinelOne logoBy SentinelOne

SentinelOne is an AI-powered endpoint protection platform with Purple AI — a generative AI security analyst offering autonomous investigation, attack timeline visualization, and agentic detection and response at $1 billion+ ARR.

Listen to this lesson

Free preview · first 0:30
0:00 / 0:30

Audio & video lessons are paid features

Plus unlocks audio streaming. Pro adds downloadable audio, video, certificates, and more.

Plus adds:
  • Audio streaming
  • Downloadable PDFs
  • All AI Playbooks
  • Personalized content
Pro also adds:
  • Certificates of completion
  • Audio MP3 downloads
  • Video lessonssoon
  • & More…soon
Sign upSign inCompare plans

Watch this lesson

Video coming soon

Learning Objectives

  • Understand what SentinelOne does and how Purple AI augments security analysts
  • Evaluate Purple AI Athena's agentic detection and response capabilities
  • Compare SentinelOne to CrowdStrike and Palo Alto Networks

What Is SentinelOne?

SentinelOne is an AI-powered cybersecurity platform providing endpoint, cloud, and identity protection through the Singularity Platform. What sets it apart is Purple AI — a generative AI security analyst that can autonomously investigate threats, construct attack timelines, and execute detection and response workflows.

Purple AI has achieved a 50% attach rate on new deals as of early 2026, making it one of the fastest-adopted AI features in cybersecurity. SentinelOne crossed $1 billion in revenue for the first time in FY2026, achieving full-year operating profitability.

💡Key Concept

AI Security Analyst: Purple AI acts like a junior security analyst on your team — you can ask it questions in natural language ("show me all suspicious login attempts from this IP range in the last 48 hours"), and it queries the data lake, investigates the results, constructs an attack timeline, and recommends response actions. The "analyst-in-the-loop" design means humans approve high-stakes actions while routine investigation runs autonomously.

Purple AI Capabilities

Purple AI Athena Release (April 2025)

Three major capability pillars:

Deep Security Reasoning — AI-powered reasoning at machine speed for complex multi-step investigations that would take human analysts hours.

Agentic Detection and Response — full-loop autonomous workflows:

  • Auto-Threat Hunting — proactively searches for hidden threats
  • Auto-Triage — prioritizes alerts based on risk and context
  • Auto-Investigations — autonomous evidence gathering and analysis
  • Novel Detection Rule Creation — AI writes new detection rules based on discovered threats
  • Auto-Response and Reporting — executes remediation and generates reports

Data Source Agnostic — works with third-party SIEMs and data lakes, not just SentinelOne's own data. This means organizations can deploy Purple AI on top of existing security infrastructure.

Pricing

Singularity Core~$70/endpoint/year
  • EPP + basic EDR
Singularity Control~$80/endpoint/year
  • Adds device control and firewall management
Singularity Complete~$180/endpoint/year
  • Full EDR
  • Threat hunting
  • Storyline visualization
Singularity Commercial~$230/endpoint/year
  • Adds identity and cloud workload protection
Singularity EnterpriseCustom
  • Full platform + Purple AI

SentinelOne vs. Competitors

PlatformRevenueStrengthLimitation
SentinelOne$1 billionAutonomous AI-first architecture; Purple AI 50% attach rate; published pricing; no major outage4x smaller than CrowdStrike; fewer Fortune 500 customers
CrowdStrike$4.81 billionNumber 1 market share (22.6%); deepest threat intelligence; 29,000+ customersHigher cost; July 2024 outage history
Palo Alto Networks$10.5 billionBroadest portfolio (firewall, SASE, CASB, XDR); platformization strategyHigher complexity; strongest in network security, not endpoint-first
Microsoft DefenderIncluded in E5Free with licensing; native OS integration; massive installed baseLower detection rates in independent tests; not purpose-built

Company Details

DetailInfo
CompanySentinelOne Inc. (NYSE: S)
Founded2013 (Tel Aviv; HQ moved to US)
CEOTomer Weingarten (co-founder)
HeadquartersMountain View, California
Employees~2,800
Revenue (FY2026)~$1 billion (+22% year-over-year; first time crossing $1 billion)
ARR$1 billion+
Market Cap~$6 billion
Large Customers1,572+ with over $100,000 ARR (+20% year-over-year)
Endpoint Market Share10.6% (number 3 behind CrowdStrike and McAfee)
ProfitabilityAchieved full-year operating profitability in FY2026 for the first time
Websitesentinelone.com

Key Takeaways

  • SentinelOne's Purple AI is a generative AI security analyst with autonomous investigation, attack timeline visualization, and agentic detection and response — 50% attach rate on new deals
  • Crossed $1 billion revenue in FY2026 with first-ever operating profitability; published pricing from $70-$230 per endpoint per year
  • Purple AI Athena works with third-party SIEMs and data lakes — not locked to SentinelOne's own data
  • Best for organizations wanting AI-augmented security at lower cost than CrowdStrike, with autonomous investigation and transparent pricing

Save your progress & take the quiz

Sign up free to bookmark lessons, track which modules you've completed, and lock in what you learned with a quick knowledge-check quiz at the end of each lesson.

Sign up freeAlready a member? Log in
🧭Recommended for you