SentinelOne tackles data pipelines with acquisition of Observo AI

The acquisition focuses on real-time data pipelines designed to eliminate existing bottlenecks in security operations. The company sees significant opportunities for customers struggling with inefficient data processing.

According to SentinelOne, security teams are not dealing with a lack of data, but with a lack of usable data. Legacy data pipelines are the main cause of this. They are designed for batch processing and struggle to keep pace with modern, AI-driven security operations centers.

Observo AI aims to change this with a platform that processes, enriches, and routes data in real time. The system works upstream of SIEM systems and data lakes. By doing so, it can filter out noise before data is stored or analyzed.

Data pipelines determine how information flows between systems and are becoming increasingly important for companies that want to use AI. SentinelOne has therefore acquired Observo AI, which focuses on real-time data pipelines for security.

Thorough evaluation

Before the acquisition, SentinelOne conducted an extensive technical evaluation. The company started with nine suppliers and ultimately selected four for further analysis. The evaluation focused on eleven technical dimensions, including scalability, speed of integration, and anomaly detection.

“Observo emerged as the clear front-runner,” according to SentinelOne. It scored highest in almost all categories. Customer interviews also confirmed this conclusion. Customers saw Observo AI as a solution suitable for large-scale implementations.

Technological advantages

Observo AI’s technology can reduce data volumes by 80 percent without losing important signals. Machine learning helps identify anomalies during data processing. The system also adds contextual information such as GeoIP data and threat intelligence.

The acquisition fits within SentinelOne’s broader vision of autonomous security operations. The company wants to help customers respond more quickly to threats by processing data more efficiently. “The best security comes from the most visibility,” says SentinelOne.

The acquisition should help SentinelOne build a unified, real-time, AI-driven security platform. The company promises to keep the data pipeline technology available to non-SentinelOne customers as well.
