SentinelOne and Cloudflare are expanding their partnership to give joint customers AI-driven insights in an intuitive, unified experience. The combination of Cloudflare’s global infrastructure network and SentinelOne’s Singularity AI SIEM will strengthen real-time threat detection and response for enterprises of all sizes. Through a new integration, joint customers can automatically apply AI-driven correlation from Cloudflare Logpush telemetry and SentinelOne’s native signals across endpoint, cloud, identity, and AI. As a result, security teams can automate detection, investigation, and response to threats as they move from the internet edge into adjacent environments.
Security data is exploding and attack surfaces are expanding. To keep up, organizations are fundamentally rethinking autonomous threat detection. Security teams are moving beyond disjointed point products and siloed signals. Instead, they need integrated platforms that correlate data across edge, endpoint, cloud, identity, and more. This unified approach reduces complexity and improves outcomes. Most importantly, it frees security analysts to focus on the threats that actually matter.
The new integration brings Cloudflare’s Zero Trust and edge network telemetry data, including Gateway, Access, and WAF logs, directly into SentinelOne’s Singularity Platform. For joint customers, this creates a single, unified command center for better visibility, context, threat investigation and response for modern threats and sophisticated adversarial techniques. Customers can configure Singularity Platform in just a few clicks to become the native Logpush destination within the Cloudflare Dashboard, delivering immediate time-to-value.
“Our expanded partnership with Cloudflare shows what’s possible when two innovators come together with a common purpose,” said Melissa K. Smith, SVP, Global Strategic Partnerships & Initiatives, SentinelOne. “By unifying Cloudflare’s global network telemetry and AI-driven insights with the intelligence of our AI SIEM, we are enabling security teams to automate correlation and response across edge and enterprise, reducing manual effort and helping analysts focus on the threats that matter most. Together, we are delivering protection that is stronger, easier to operate and designed to scale with the needs of modern security teams.”
“Expanding our partnership with key technology alliance partners like SentinelOne is core to how we are further interconnecting our global infrastructure network to secure even more customers”, said Tom Evans, Chief Partner Officer at Cloudflare. “Organizations worldwide are facing a growing number of threat signals, and now with Cloudflare and SentinelOne’s intelligence, they can automate that action and analysis from a single platform. We want to make sure that organizations can clearly see the AI-driven correlations and enforce proper protections to improve their security posture.”
SentinelOne’s Singularity AI SIEM provides security teams with the essential technology that drives the vision for an Autonomous SOC, that is built to operate on live data, not static logs. With a built-in data pipeline, AI SIEM applies intelligence directly to streaming telemetry, identifying and filtering risk earlier in the attack lifecycle to reduce noise and enable faster, more efficient detection.
By fusing real-time telemetry with Agentic AI and Hyperautomation, Singularity AI SIEM automates investigation and remediation end-to-end, removing manual steps between detection and action. The result is a SOC that moves from reactive alert handling, to proactive automated response, enabling analysts of any skill level to investigate and neutralize threats with speed and confidence.
