Partnership combines AI-driven detection, advanced SIEM analytics, and global MDR and incident response to reduce dwell time and strengthen cyber resilience
Dallas, TX and Mountain View, CA — March 24, 2026 — LevelBlue, the world’s largest pure-play provider of managed security services, and SentinelOne (NYSE: S), the AI Security leader, today announced a global strategic partnership to deliver integrated, intelligence-driven security operations for organizations worldwide. The collaboration brings together SentinelOne’s Purple AI and Singularity Platform with LevelBlue’s threat-intelligence-led operations and Indigo™ security platform to enhance visibility, accelerate detection, and strengthen response across complex environments.
Under the expanded partnership, LevelBlue will serve as a SentinelOne preferred global partner provider for managed detection and response (MDR) and managed security information and event management (SIEM) services. The strategic partnership will also extend to incident response (IR), with LevelBlue named a SentinelOne preferred provider, enabling organizations to better prepare for, respond to, and recover from cyber incidents.
Together, the companies will deliver a unified security operations model that combines AI-driven detection with human-led investigation and response, helping organizations reduce dwell time, accelerate remediation, and improve overall cyber resilience.
Bridging Autonomous Detection with Real-World Response
The partnership integrates SentinelOne’s AI SIEM and AI-driven analytics technology with LevelBlue’s Indigo security platform, which orchestrates security operations across environments alongside its threat intelligence and digital forensics capabilities. This model combines a high-fidelity data and analytics foundation with a unified operational layer, closing the gap between detection and response, one of the most persistent challenges in modern security operations.
SentinelOne provides the core data ingestion, normalization, and analytics foundation, while Indigo drives investigation, response, and service delivery across LevelBlue’s global MXDR operations. SentinelOne powers the AI data and analytics layer, while LevelBlue delivers MDR, SIEM operations, incident response, and orchestration.
By aligning telemetry across endpoints, cloud workloads, and identities with continuous monitoring and expert-led triage, the combined offering enables earlier detection of advanced threats, faster coordinated response, improved visibility across hybrid environments, and reduced operational complexity.
“Threat actors are moving faster and operating with increasing sophistication,” said Bob McCullen, Chairman and CEO of LevelBlue. “By combining SentinelOne’s AI-driven detection with LevelBlue’s global AI-driven MDR and incident response expertise, we’re enabling organizations to move from fragmented tools to a more unified, outcome-driven security strategy.”
Global Incident Response at Scale
As a SentinelOne preferred IR provider, LevelBlue brings a global team of more than 300 digital forensics and incident response professionals to support clients facing complex cyber incidents. With deep expertise across ransomware, nation-state activity, and large-scale breaches, LevelBlue delivers rapid containment, forensic investigation, and recovery support. LevelBlue’s IR services are backed by CREST-certified teams, flexible retainer models, and proactive readiness services.
“Organizations don’t need more controls, they need outcomes,” said Tomer Weingarten, CEO of SentinelOne. “As the world’s largest pure play MDR provider, LevelBlue brings the scale, expertise, and operational rigor required to turn AI-driven insights into decisive action. Together, we’re helping clients with all heavy lifting, to modernize security operations and stay ahead of evolving threats.”
Delivering Measurable Security Outcomes
Clients of both organizations will benefit from:
- Integrated MDR and AI SIEM operations for detection and response
- Improved signal-to-noise ratio through advanced analytics and curated threat intelligence
- Seamless escalation to incident response, reducing time to containment and remediation
- End-to-end coverage across prevention, detection, response, and recovery
- A unified platform and service model, powered by Indigo, that reduces tool sprawl and operational overhead
Learn more about LevelBlue and SentinelOne’s partnership here.
About LevelBlue
LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services. Learn more at LevelBlue.com.
About SentinelOne
SentinelOne (NYSE: S) is the leader in AI security and has long set the standard in the use of AI and automation to give human defenders a decisive operating advantage. Built for those who secure our world, the Singularity Platform delivers unified protection across endpoints, identity, cloud, and AI. Powered by Autonomous Security Intelligence, SentinelOne stops attacks at machine speed—cutting through noise, reducing risk, and giving defenders the clarity and control to stay one step ahead. Headquartered in Mountain View, California, USA with offices and elite teams across the globe, SentinelOne protects the world’s biggest brands, most innovative businesses, and most critical infrastructure from Wall Street to Main Street and beyond.
Media Contacts
LevelBlue
Devon Swanson
devon.swanson@LevelBlue.com
SentinelOne
Regan DePinto
press@SentinelOne.com
