SentinelOne launches Singularity AI SIEM for AWS Marketplace

SentinelOne has announced the availability of its Singularity AI SIEM solution on the AWS Marketplace.

This development enables AWS customers to leverage SentinelOne's AI and data tools, enhancing threat detection and response capabilities across a broad range of digital assets and environments.

Access in AWS Marketplace

The addition of Singularity AI SIEM to the AWS Marketplace provides a direct channel for customers to procure and deploy this cloud-native security solution through AWS, where many already source their software and related services. The Singularity AI SIEM joins SentinelOne's existing products available on the marketplace, including its endpoint detection and response (EDR) offering and broader cloud security catalogue.

According to the company, Singularity AI SIEM brings a unified platform that can correlate data not only from SentinelOne's own EDR and cloud security tools, but also from third-party sources. This unified approach is designed to offer comprehensive visibility into potential threats and provide real-time detection capabilities.

Ric Smith, President of Product, Technology, and Operations at SentinelOne, commented on the expansion:

"Businesses are looking for faster and smarter ways to defend a rapidly growing attack surface against increasingly sophisticated adversaries. By bringing Singularity AI SIEM to the AWS Marketplace, we're making it far easier for more SecOps teams to harness the power of AI, automation and cloud-native data platforms to modernize the SOC and stop today's increasingly sophisticated threats."

Technical features

The Singularity AI SIEM leverages key elements, including always-on hot storage, real-time data ingestion, and a SaaS-based architecture, to deliver performance at scale. The solution includes modern automation features, including those powered by what SentinelOne describes as agentic AI, called Purple AI. This tool automates steps such as triaging incidents, summarising events, and generating correlation rules to reduce the burden on human analysts and speed up response times.

Additional features include AI-powered triage, alert enrichment with threat intelligence, and standardisation using a unified data schema. The system uses no-code workflows for actions such as Indicator of Compromise (IOC) blocking and Service Level Agreement (SLA) reporting, aiming to remove manual processes and the need for additional orchestration platforms.

From an operational perspective, security analysts gain access to a single, cloud-native console that enables them to query and investigate data across SentinelOne's cloud-native application protection platform (CNAPP), Endpoint Detection and Response (EDR), and external data sources. Features such as drag-and-drop automation and collaborative investigation notebooks are included to support workflow efficiency and enable more rapid threat-hunting activities without requiring coding skills.

Continued AWS collaboration

The Singularity AI SIEM has been verified as a "Deployed on AWS" product within the AWS Marketplace and participates in the AWS Vendor Insights programme. This participation is intended to simplify security evaluations for customers and streamline procurement processes.

SentinelOne stated it has seen 100% year-over-year sales growth on AWS Marketplace, reflecting an ongoing focus on serving customers where they acquire their cloud services and software solutions. Integration with AWS-native tools is expected to allow customers to consolidate their security posture and processes through a single solution.

This move is also a continuation of SentinelOne's recent activities with AWS, having joined the vendor programme aimed at supporting secure cloud migrations.

The Singularity AI SIEM is now generally available to all AWS customers through the marketplace.