The Next Generation of AI Powered Defense | S Ventures’ Investment in detections.ai

In today’s cyber landscape, threat actors are tapping into AI as a material force multiplier. LLMs and agentic AI systems are being weaponized to carry out sophisticated attacks end-to-end with smaller teams. Defenders now face greater volumes of malware, phishing campaigns run by autonomous bots, and adversaries who leverage AI to scale their operations in unprecedented ways.

If attackers are coming to the table empowered by AI, defenders must as well. At SentinelOne, we’ve always believed in harnessing AI for good, using automation and machine learning to outpace adversaries. That’s why S Ventures is excited to announce our investment in detections.ai, an AI-native platform that empowers detection engineers and SOC analysts both individually and as a community with modern AI capabilities.

AI Driven Threats Require AI Powered Defense

From novel strains of malware to AI authored phishing lures, malicious innovation is accelerating. Agentic AI has been weaponized, and AI models are now used to perform full cyberattacks, lowering the barrier for less skilled criminals to launch advanced campaigns. Routine security measures and manual rule writing can’t keep up with machine level threats.

Defenders urgently need AI not just as a tool, but as a core capability woven into their defensive strategy. This means automating what can be automated, augmenting human analysts with intelligent assistants, and adopting platforms that learn and adapt as fast as the threat actors. Detections.ai was built on exactly this premise: to give security teams an AI augmented platform for detection engineering, so they can anticipate and counter attacker moves in real time.

The early traction and demand for detections have been very impressive – in a matter of weeks, the platform has attracted 9,000+ users from 1,500 organizations to collaborate and author detections (including both AI and traditional). This kind of engagement speaks to a pent-up demand in the security community for better, more advanced detection engineering tools, and is a testament to the power of AI and communal knowledge when properly harnessed together.

AI Augmented Detection Engineering for the Blue Team

Modern detection engineers are the unsung heroes of the SOC, but writing high-fidelity detection rules can be painstaking and demands deep expertise in query languages and constant tuning as data sources evolve. Detections.ai tackles this challenge head-on by using generative AI to accelerate and strengthen the detection creation process. The platform’s AI can ingest the latest threat intelligence and automatically turn it into detection logic, as well as translate these detections across platforms, so a rule written for one SIEM can be instantly converted to another platform. This frees up human defenders to focus on creative threat hunting and validation of alerts.

The result is a step change in agility for security teams. With detections.ai, creating a new correlation query or hunting rule becomes faster and less error-prone, measured in minutes instead of days. As detections.ai builds out its enterprise release, detection engineers will also be able to leverage the AI to maintain rules over time: if a log schema changes or an attack technique morphs, the platform’s drift awareness will be able to highlight outdated logic and suggest fixes. This proactive maintenance is crucial in a world where attackers constantly refine their tradecraft.

Community Powered Platform for Detections

Another key aspect of detections.ai is its vision of a collaborative, community driven detection engineering ecosystem – a centralized hub where detection content can be shared, vetted, and improved by a broad community of practitioners. The platform aggregates detections that matter from across open-source repos, vendors, and individual researchers, intelligently organizing them so defenders can quickly find what they need.

Detections.ai’s model goes beyond raw crowdsourcing; it emphasizes high-quality signal over noise. Detections are rated by peers and experts in the community, and those most valued are broadly recommended. The platform supports curated groups and private sharing circles; for example, an ISAC (Information Sharing and Analysis Center) or a trust group of Fortune 500 security teams can maintain a private collection of detections relevant to their sector. This ensures that organizations can collaborate on threat coverage in a trusted environment, sharing detection logic for industry-specific threats without exposing sensitive details to the whole world.

Why We Invested in Detections.ai

At S Ventures, we invest in companies that align with SentinelOne’s mission to define the future of autonomous, intelligent security. Detections.ai represents a critical new layer in the modern detection stack, one that we believe will become fundamental to how organizations respond to threats in the AI era. SentinelLabs, our threat intelligence and research team, became an early user of detections.ai and quickly recognized its value. The enthusiasm from our own practitioners was a strong validation: if a platform can make seasoned threat hunters more productive and collaborative, it’s addressing a real pain point.

We also invested because of the team and traction behind detections.ai. Robert Fly and his team are security veterans who understand that technology alone isn’t enough; community and trust are critical as well. Their approach of combining AI with expert curation addresses both sides of the detection quality equation. And the rapid adoption by users and enterprises shows the clear need it fills, and points to detections becoming a category-defining company in security.

Building an AI Led Security Future

As we welcome detections.ai into the S Ventures portfolio, we do so with a shared vision: a future where cybersecurity is AI first, community informed, and lightning fast. We believe detections.ai is building the AI native system of record for detection engineering that modern enterprises desperately need. In a world of fragmented SOC tools and expanding threat surfaces, this platform serves as the connective tissue, ensuring that when one defender learns something, the whole community can benefit, and that AI is there to instantly propagate those learnings into every corner of the network. Such capability can mean the difference between a breach spreading undetected and an attack being stopped in its tracks.

SentinelOne has always stood for innovation that gives defenders the edge. By supporting detections, S Ventures is doubling down on that ethos, backing a company that empowers the defense with an AI advantage at a crucial point in the industry. We’re excited to partner with Robert, the detections team and Modern Technical Fund as they scale out the vision, and support the next generation of AI led security infrastructure that will protect us all in the years to come.