SentinelOne Delivers AI EDR for AWS Security Hub Extended

Key Terms

runtime security technical

Runtime security is the protection of software and systems while they are actively running, by watching how programs behave and stopping suspicious actions, unauthorized changes, or malicious code in real time. For investors, it matters because effective runtime security reduces the risk of costly breaches, service outages, regulatory penalties and reputation damage—similar to a security guard watching a store during business hours to catch and stop theft before it causes big losses.

endpoint technical

An endpoint in clinical research is the specific outcome investigators decide in advance to measure whether a treatment is effective or safe, such as symptom improvement, survival time, or a change in a lab value. For investors it matters because meeting or missing these pre-set goals is the main signal regulators and the market use to judge a drug’s prospects—like a race’s finish line that determines if a product can move forward, win approval, and generate revenue.

cloud workload security technical

Measures, tools and practices used to protect software applications, data and computing tasks that run in cloud environments from hacking, data leaks and operational failures. Investors should care because weak protection can lead to service outages, regulatory fines, customer loss and unexpected costs—similar to leaving the doors and safes of a business unguarded—while strong security reduces risk and supports reliable growth and valuation.

pay-as-you-go pricing financial

A pricing model where customers pay only for the actual amount of a product or service they use, like a utility meter or a prepaid phone plan, rather than a fixed subscription. Investors care because it ties company revenue directly to customer usage: it can boost growth when usage rises and lower churn by lowering upfront cost, but it can also make revenue less predictable and sensitive to changes in customer behavior.

data pipeline technical

A data pipeline is the series of steps and tools that collect, clean, transform and deliver information from its source to where analysts, managers or machines use it. For investors it matters because reliable pipelines ensure financial metrics, customer figures and operational signals are timely and accurate—like a sealed system of pipes delivering clean water to a city, good pipelines prevent leaks, delays and bad decisions based on faulty numbers.

AWS Marketplace financial

AWS Marketplace is an online store where businesses can find and buy software and tools that run on Amazon’s cloud services. It makes it easier for companies to discover, compare, and quickly set up the technology they need without going through complicated steps, saving time and effort.

New integration gives customers streamlined access to AI-powered runtime security directly in their AWS Console

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)-- SentinelOne® (NYSE: S), the AI Security leader, today announced that its Singularity™ Platform is now available through AWS Security Hub Extended, Amazon Web Services’ (AWS) unified security solution. The new integration brings direct access to SentinelOne’s AI-powered runtime protection into the AWS console. This gives AWS customers the ability to turn on and deploy SentinelOne’s endpoint and cloud workload security seamlessly across their environment and manage it alongside their broader AWS security signals all in one place.

The offering builds on SentinelOne’s long-time collaboration with AWS focused on innovation and go-to-market initiatives. Integrating SentinelOne’s Singularity Platform with AWS Security Hub Extended takes the next step, offering customers a console-native, streamlined deployment option, and pay-as-you-go pricing that reduces operational complexity, streamlines procurement, and empowers customers to secure more of their digital footprint with AI-powered speed – fully integrated into the AWS security experience.

The newly launched AWS Security Hub Extended simplifies how organizations procure and deploy enterprise security through a single-vendor experience with one contract, one bill, consolidated support, and flexible pay-as-you-go pricing with AWS as the seller of record. For customers already running on AWS, this removes one of the biggest barriers between identifying a security gap and closing it: procurement complexity. With SentinelOne now available through AWS Security Hub Extended, AWS customers can add AI-powered endpoint and cloud workload protection to their security stack through the same console and billing relationship they already use — no separate transactions, no new vendor negotiations, no long-term commitments.

"Security teams shouldn't have to choose between best-in-class protection and procurement simplicity — and now they don't have to," said Melissa K. Smith, SVP, Global Strategic Partnerships and Initiatives, SentinelOne. "Customers can immediately turn on AI-driven endpoint and cloud security in minutes, using the budgets and commitments they already have, without ever leaving the console. We're removing friction so teams can protect their workloads faster."

Security teams can now accelerate investigations, automate remediation, and contain threats at machine speed. The SentinelOne Singularity Platform on AWS Security Hub enables autonomous prevention, detection, and response across endpoints and cloud workloads with Purple AI™ — SentinelOne's AI analyst — so teams spend less time chasing noise and more time stopping attacks.

Key benefits for customers

• Use what they already have: Customers can use existing AWS budgets and spending commitments to procure SentinelOne, streamlining procurement and aligning security investments with how they already consume AWS services.
• Pay as you go: A flexible model lets organizations pay only for the protection they actually need as they scale.
• Streamlined deployment from the AWS console: Security can be deployed in minutes directly from AWS Security Hub Extended, without custom integrations or separate marketplaces and private offers.
• AI amplified security operations: Autonomous prevention, detection, and response, combined with Purple AI helps small and stretched security teams do more by using AI to handle much of the heavy lifting involved in finding, investigating, and stopping attacks.
• Unified visibility in AWS Security Hub: As part of AWS Security Hub Extended, SentinelOne findings flow into AWS Security Hub, allowing teams to see endpoint and cloud threats alongside their broader AWS security signals in a single place.

Building on a year of AI-driven innovation

This launch builds on SentinelOne’s strategic collaboration with AWS to accelerate AI-powered security outcomes, one that signals a depth of commitment. Over the past year, that collaboration has delivered milestones including: the Purple AI MCP Server, an open, extensible AI layer available in AWS Marketplace that connects the Singularity Platform to any AI framework or large language model for custom agentic workflows, in contrast to closed-ecosystem alternatives; Singularity Hyperautomation for AWS Security Incident Response, with no-code playbooks that let security teams orchestrate containment at machine speed, directly amplifying the AI-powered SOC; and bidirectional data flows with Amazon CloudWatch paired with Observo AI's intelligent data pipeline, giving customers control over where their security data lives while cutting ingestion noise by up to 80 percent.

Availability

The Extended Plan for AWS Security Hub is immediately available in all commercial AWS regions. For more information on SentinelOne’s integrations with AWS and to explore related listings, visit SentinelOne in AWS Marketplace.

About SentinelOne

SentinelOne (NYSE: S) is the leader in AI security, setting the standard for using AI and automation to give defenders a decisive operating advantage. Built for those who secure our world, its platform delivers unified coverage across endpoints, identity, cloud, and AI. Powered by Autonomous Security Intelligence, SentinelOne stops attacks at machine speed, reducing risk and delivering clarity and control to stay one step ahead. Headquartered in Mountain View, California with teams worldwide, SentinelOne protects nearly one-fifth of the Fortune 500 and hundreds of Global 2000 enterprises. From Main Street to Wall Street, the world’s most critical organizations trust SentinelOne with their security.

Third-Party Disclaimer

All third-party product names, logos, and brands mentioned in this publication are the property of their respective owners and are for identification purposes only. Use of these names, logos, and brands does not imply affiliation, endorsement, sponsorship, or association with the third party.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260520870693/en/

Media Contact
Regan DePinto
press@sentinelone.com

Source: SentinelOne