Unifying Global Network Telemetry and Singularity AI SIEM to Deliver Real-Time Correlation and Hyperautomation
In an era of exploding attack surfaces and fragmented security stacks, the ability to correlate data across the internet edge and the internal enterprise environment has become the holy grail of cybersecurity. SentinelOne and Cloudflare have announced an expansion of their strategic partnership, integrating Cloudflare Logpush telemetry directly into the SentinelOne Singularity AI SIEM to provide a unified, AI-driven command center.
This integration allows joint customers to automatically correlate signals from the network edge, including Zero Trust, WAF, and Access logs, with native signals from endpoints, cloud workloads, and identity providers.
Modern adversaries frequently exploit the transition point between the public internet and private infrastructure. By funneling Cloudflare’s edge telemetry into the Singularity Platform, security teams gain unprecedented context.
- Seamless Integration: Customers can configure the Singularity Platform as a native Logpush destination within the Cloudflare Dashboard in just a few clicks.
- Unified Visibility: Gateway, Access, and WAF logs are now analyzed alongside endpoint and identity data, allowing for the detection of sophisticated, multi-stage attacks that traditional point products miss.
The goal of this partnership is to move the Security Operations Center (SOC) from a reactive posture to one of Proactive Autonomy. SentinelOne’s AI SIEM operates on live, streaming data rather than static logs, applying intelligence at the point of ingestion.
“By unifying Cloudflare’s global network telemetry with the intelligence of our AI SIEM, we are enabling security teams to automate correlation and response across edge and enterprise,” noted Melissa K. Smith, SVP of Global Strategic Partnerships at SentinelOne.
This fusion of real-time telemetry with Agentic AI allows the system to not only identify a threat but to execute remediation steps end-to-end—filtering out noise and allowing analysts to focus on high-impact strategic defense.
For Cloudflare, the expansion represents a commitment to a more interconnected global infrastructure. Tom Evans, Chief Partner Officer at Cloudflare, emphasized that as threat signals grow in volume, the ability to automate analysis from a single platform is the only way for organizations to maintain a strong security posture at scale.
As enterprises continue to rethink threat detection, the SentinelOne-Cloudflare alliance provides a scalable blueprint for the future: a SOC that is faster, smarter, and designed to neutralize threats before they move past the internet edge.
