NYSE: S

Our Singularity Platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real-time. We aim to build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization. As a result, our AI models are able to be highly accurate, actionable, and autonomous. Our distributed AI models run both locally on every endpoint and every cloud workload, as well as on our cloud platform.

Furthermore, our Singularity Platform provides visibility across an organization’s digital assets through a fully-integrated console, making it easier and faster for security teams to search through petabytes of data to investigate incidents and hunt threats. Singularity is designed to offer multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

For each endpoint, cloud workload, user identity and security data lake, we are able to run highly optimized AI models in a single lightweight software agent. Our Static AI model can predict file-based attacks of all types, even previously unknown threats, often referred to as “zero-day” attacks, with extreme precision in milliseconds. Our Behavioral AI can model, map, monitor, and link all behaviors to create rich, contextual narratives that we call Storylines. These high-fidelity Storylines are continuously evaluated by our Behavioral AI model, which contributes to our best-in-class detection capabilities. Our generative AI empowers security teams to unify, accelerate, and simplify security operations. When activity is deemed a threat, our software is designed to autonomously take action to stop the attack. Because Storylines contain a complete record of unauthorized changes made during an attack, users can remediate or roll back unauthorized changes with a single click.

The power to turn back time on a device is unique in the market. It is the ultimate safety net and exemplifies autonomous cybersecurity. Therefore, our software can eliminate manual, expensive, and time-consuming incident cleanup. In the cloud, our platform can aggregate Storylines. Our Streaming AI can detect anomalies that surface when multiple data feeds are correlated with additional external and internal data. By providing full visibility into the Storyline of every secured device across the organization through one console, our platform enables analysts to quickly and easily search through petabytes of data to investigate incidents and proactively hunt threats.

Singularity’s protection and visibility extend across critical enterprise surfaces, including traditional endpoints, cloud workloads, identity credentials, unmanaged devices, and Internet of Things (IoT) devices. This can empower security analysts of all skill levels to hunt, investigate, and remediate even the most sophisticated threats across the network leveraging automated context provided by our AI-powered security. Our proprietary data stack, Singularity

4

Table of Contents

Data Lake, and cloud architecture enable us to retain this rich, contextual data on behalf of our customers for extended periods of time in a highly cost-efficient manner. All of this threat intelligence is fed back into our AI models and Purple AI, further strengthening our algorithms and creating a strong flywheel effect that deepens our competitive moat.

Singularity can be flexibly deployed on the environments that our customers choose, including public, private, or hybrid clouds. Our feature parity across Windows, macOS, Linux, and Kubernetes offers best-of-breed protection, visibility, and control across today’s heterogeneous information technology (IT) environments. Together, these capabilities make our platform the logical choice for organizations of all sizes, industry verticals, and compliance requirements. Our platform offers true multi-tenancy, which enables the world’s largest organizations, managed security providers and incident response partners with an excellent management experience. Our customers are able to realize improved cybersecurity outcomes with fewer people.

Singularity is used globally by organizations of all sizes across a broad range of industries. Our AI and automation driven approach to cybersecurity has been adopted by some of the world’s largest organizations. As a result, we have grown rapidly since our inception. Our revenue for fiscal 2026 and 2025 was $1,001.3 million and $821.5 million, respectively, representing year-over-year growth of 22%. During this period, we continued to invest in growing our business to capitalize on our market opportunity. As a result, our net loss for fiscal 2026 was $450.7 million compared with a net loss of $288.4 million in fiscal 2025.

Industry Background

Cybersecurity is fundamentally a data problem. Advances in AI, specifically machine learning (ML), where algorithms use data to make decisions with minimal human intervention, are already revolutionizing fields such as healthcare, advertising, and securities trading. We believe that AI is ripe for revolutionizing cybersecurity. First, organizations need to ingest, normalize, and correlate petabytes of structured and unstructured data from a myriad of external and internal data in a cost efficient manner. Second, organizations need to apply powerful AI models to this high-fidelity contextual data to automatically detect known and unknown threats, then autonomously remediate and neutralize such threats. It is critical that we harness the power of data and AI to protect our digital way of life.

Stakes are high for organizations and cybercriminals alike. The exponential growth of sensitive customer and business data has simultaneously made many organizations and governments the target of highly sophisticated cybercriminals. Powered by very large networks of individual attackers distributed worldwide, cybercrime is practically infinite in scale and transcends geographical boundaries. To gain access to an organization’s data, cybercriminals target endpoints, applications, and user credentials and deploy a variety of sophisticated methods in the form of attack frameworks, ML, weaponized exploits, fileless techniques, and social engineering. As a result, solutions that help strengthen and scale cyber defenses cost effectively are a top-level priority for organizations today.

Tectonic shifts in IT require a “Zero Trust” operating procedure. With millions of remote devices accessing thousands of applications running in public, private and hybrid clouds, traditional perimeter-based security controls are bypassed, and organizations have to operate in a “Zero Trust” IT environment. The attack surface continues to expand rapidly, and the notion of a corporate perimeter protected by firewalls is a relic of the past, making endpoints and cloud workloads the epicenter, and protection software the first, and last, line of defense. Several tectonic shifts in IT have increasingly left companies vulnerable including:

•Rapid adoption of cloud computing. Cloud computing has become a strategic imperative for organizations to accelerate their digital transformation. Security and compliance are a shared responsibility model between cloud infrastructure providers and their customers, and organizations are looking for technology solutions that protect their growing cloud workloads while enabling flexible deployment options across public, private and hybrid clouds.

•The operating system landscape is more complex than ever before. The diversification of IT, the trend towards hybrid work environments, and bring your-own-device policies have brought Macs and other devices into today’s organizations. Organizations are looking for cybersecurity solutions that deliver

5

Table of Contents

comprehensive defense capabilities and feature parity across a large variety of operating systems, including Windows, macOS, and Linux, without burdening their IT teams.

•Proliferation of connected devices. Billions of connected devices are online today and the numbers are only expected to increase. Many of these devices have little to no built-in security capabilities. Cybercriminals are increasingly exploiting inherent vulnerabilities in these devices to breach organizations. Unmanaged devices are especially vulnerable. As a result, the attack surface has exploded and visibility across connected devices and continuous assessment of their risk profiles have become top priorities for organizations.

•Remote and hybrid work is here to stay. As companies continue to adopt and maintain remote and hybrid work practices, the risk of cyberattacks has increased. As a result of the accelerated structural shift towards a distributed workforce, organizations are increasingly looking for cybersecurity solutions that safeguard their remote workforce and employee credentials.

Sophisticated AI-based cyberattacks circumvent existing security controls. Cyberattacks have evolved from malware to highly sophisticated, organized and large-scale attacks by malicious insiders, criminal syndicates, and nation-states seeking to circumvent existing security controls and undermine critical societal functions through a variety of attacks. Modern attacks are fast acting and can breach organizations, exfiltrate data, demand ransoms, and disrupt operations within seconds. Alternatively, some attacks, such as advanced persistent attacks and targeted attacks, are designed to breach organizations and stealthily infiltrate across assets, steal data, facilitate future attacks, or cause other harm over a long period while operating undetected. In addition, threat actors are using generative AI to increase the sophistication, frequency, and speed of cyberattacks. The new challenges in the security landscape require autonomous security powered by AI and ML.

Cybersecurity teams are unable to scale. While the number of connected devices, applications and cyber threats have increased exponentially, organizations are facing an acute shortage of skilled cybersecurity talent. The large number of security solutions that companies have deployed over time generate large volumes of alerts that overwhelm security teams as they must sift through and analyze. Out of necessity, organizations are demanding solutions that do not require human intervention to prevent, detect, and remediate cyber threats.

Limitations of Legacy Solutions

Organizations must deploy solutions that enable them to stay one step ahead of attackers and address intrusion attempts in real-time. As attackers up the ante by developing new skills and deploying new tactics and techniques, legacy tools are often unable to prevent and respond effectively to breaches. The result is a rising number of successful high-profile attacks.

Key limitations of legacy tools are that they:

•Cover a limited spectrum of cyber threats. Legacy tools, such as signature-based approaches, human-powered monitoring, application whitelisting and sandboxing, are each effective under limited circumstances, but lack the ability to detect the full spectrum of threats that organizations face. For example, signature-based approaches can detect attacks that have been seen previously, but are incapable of preventing a wide range of attacks, such as unknown malware, ransomware, modified versions of previously known attacks and the exploitation of zero-day vulnerabilities. They also lack the ability to detect and prevent an increasing number of fileless attacks, that deposit no malware, but instead exploit operating system vulnerabilities and use trusted tools within IT environments. In general, we believe enterprises need to take a more holistic view of security protection across endpoints, cloud environments, and identity credentials. A unified AI-based platform approach is needed to deliver comprehensive protection, visibility, and user experience. As a result, despite deploying a myriad of point solutions, organizations have continued to suffer huge losses from cyberattacks.

•Utilize AI approaches that rely on humans to power protection mechanisms. First-generation AI tools cannot handle the volume, variety, and velocity of data that must be ingested and analyzed, in real-time, to effectively prevent breaches. These tools often rely on ineffective pattern-matching algorithms in the cloud

6

Table of Contents

that generate so much “noise” that human intervention is required to extract useful “signals.” Without curated, contextual data, these tools generate more alerts that need to be analyzed by humans. They cannot take action at machine speed and are thus unable to detect and prevent or stop many fast-acting attacks. Additionally, due to communication latency with the cloud, these tools cannot generate actionable insights in real-time, which is required to stop many current threats.

•Lack long-term data visibility to proactively investigate advanced threats. Many existing detection and response tools lack the capability to store large sets of historical data cost efficiently, and consequently often only offer limited data retention capabilities. This results in only partial datasets being available for threat hunting and time bound retrospective forensic analysis. Limited historical data makes full incident investigation challenging for security personnel, as they are unable to go back in time and see how the attack breached the organization and progressed.

•Struggle to protect complex modern IT environments. Legacy tools were not designed to protect today’s multi-cloud, multi-device, and multi-operating system IT environments. Vendors have extended their existing solutions by bolting on functionalities, which has led to a wide disparity of capabilities across endpoints and operating systems. Legacy tools further lack the ability to identify unmanaged IoT devices which often have very limited, if any, built-in security capabilities and can be used by attackers to access the networks of target organizations. This lack of unified visibility and control over endpoints, cloud workloads, and IoT devices results in gaps in security coverage for organizations.

•Lack deployment flexibility for organizations. Organizations struggle with the limited deployment methods mandated by legacy tools. On-premise tools impose complexity and maintenance burdens on organizations. These tools typically lack the ability to quickly adapt to organizations’ rapidly evolving IT environments, which requires significant upfront investments and configuration and integration efforts. On the other hand, cloud-only cybersecurity vendors are unsuitable for many large and complex enterprises and governments that need private or hybrid cloud solutions to meet their security, regulatory, and compliance requirements.

•Inhibit technology workflow automation. Many legacy tools lack out-of-the box APIs and rely heavily on professional services, which makes the integration and implementation process long, expensive, and often unattainable. The lack of flexible workflow integrations limits organizations’ ability to reduce overhead by automating processes and improving their security by ensuring that process steps are done quickly, consistently, and according to their predefined requirements.

A new paradigm for cybersecurity is needed to autonomously protect organizations and their heterogeneous IT footprints from highly sophisticated, machine-based attacks in a holistic, seamless, and automated manner.

Our Revolutionary Autonomous Approach to Cybersecurity

Our AI-powered Singularity Platform defines and delivers enterprise-wide security across diverse attack vectors — powered by a single, unified data and security architecture. Our platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of disparate external and internal sources in real-time. We build rich context by constructing a dynamic representation of data across an organization. As a result, our AI models are highly accurate, actionable, and autonomous. Furthermore, our platform provides visibility across an organization’s digital assets through one console, making it easier and faster for analysts to search through petabytes of data to investigate incidents and hunt threats. Singularity offers multi-tenancy and can be deployed on a diverse range of environments that our customers choose, including public, private, or hybrid clouds.

Singularity Platform Capabilities and Our Competitive Strengths

•Protects against present and future cyber threats. A combination of our powerful Static AI and Behavioral AI locally on the device with Streaming AI models in the cloud addresses the spectrum of attacks in an evolving threat landscape, including ransomware, known and unknown malware, trojans, hacking tools, memory exploits, script misuse, bad macros, and “living off the land,” file-less, or AI-based attacks. When

7

Table of Contents

our on-device ML models assess how an endpoint behaves, they are completely independent of the attack vector itself or any further updates and configurations.

•Platform approach enables protection and visibility across all digital assets. Our Singularity Platform provides organizations with our full suite of real-time threat prevention, detection, and remediation capabilities across their endpoints, cloud workloads, servers, operating systems, and user credentials. Our platform further leverages our agents, combined with passive and active network discovery methods, to provide our customers with organization-wide visibility into their network assets, managed and unmanaged. Our platform approach helps enterprise consolidate security tools while enhancing enterprise-wide coverage.

•Provides autonomous protection and remediation. Powered by our AI and Storyline technology, our agents can defend and heal endpoints autonomously and in real-time by stopping malicious processes, quarantining, remediating, and even rolling back events to surgically keep endpoints clean. Rollbacks can be performed autonomously and in real-time, eliminating the need for manual, expensive, and time-consuming incident cleanup. Further, Purple AI allows security teams to quickly identify and respond to threats through natural language queries and automated investigation workflows, significantly reducing response times.

•Enables facilitated, as well as fully automated, incident investigation and proactive threat hunting. Our platform gives security teams the ability to search their IT assets for behavioral indicators via a single-click interface. Our platform’s unified visibility and contextual data empower security analysts of all skill levels to run queries at very fast speeds, and quickly understand the root causes behind the most complex threats. Purple AI supercharges the security analyst experience, with simplified user experience, improved efficiency, and more holistic hunting capabilities.

•Provides full forensic recall for complete remediation. We offer our customers the ability to retain rich, contextual data for extended periods of time in a highly cost-efficient manner. For compliance and security, enterprises need cost effective data retention for longer periods of time. This forensic data helps our customers investigate breaches that have stealthily infiltrated their organization and potentially operated undetected for many months giving them the ability to ensure that any incident has been fully remediated without the need to re-image or replace elements of their IT infrastructure.

•Provides a superior customer experience. We put the user at the center of our product development and engineering processes. The combination of our intuitive and clean user interface, our ability to provide context with one click, and a high degree of automation empowers our customers to use Singularity platform independent of their expertise level.

•Proprietary data stack. Our modern, innovative, and extensible data stack, Singularity Data Lake, enables us to ingest, process and analyze massive amounts and a wide variety of data types efficiently. Our independent, component-driven architecture allows us to evolve rapidly leveraging continued innovations of public cloud infrastructure, while controlling every aspect of our innovation roadmap and customer experience.

•Deeply embedded within our customers’ IT stacks. Our API-first approach and Singularity Marketplace allow our customers to easily integrate intelligence, analytics, automation, and other third-party business applications with our platform. Security teams often need to integrate different security tools to address gaps and improve security posture. Our Singularity Marketplace offers no-code automation that allows customers to seamlessly ingest data from third-party applications into our Singularity Platform.

•Flexible deployment model that delivers rapid time to value. Our Singularity Platform can be quickly and easily deployed on a diverse range of environments for our customers, and without extensive configuration or maintenance, including the public, private or hybrid cloud, making it relevant for organizations of all sizes with varying compliance and regulatory requirements. In addition, our platform solutions offer unprotected device discovery and innovative peer to peer installation.

8

Table of Contents

•Rich partner ecosystem. We have deep partnerships with many of the leading Independent Software Vendors (ISVs), alliance partners with whom we engage in joint technology and/or go-to-market strategies; and channel partners, such as distributors, resellers, Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), Managed Detection and Response Providers (MDRs), Original Equipment Manufacturers (OEMs), and Incident Response (IR) firms. Our partner relationships act as force multipliers and provide us with significantly broader market reach. By empowering MSPs, MSSPs, MDRs, OEMs and IR firms with our technology and through our deep partnerships with them, we benefit from the market penetration of those entities.

•Quality and access of cybersecurity and AI talent. Our thought leadership in security and AI, combined with our award-winning culture, allows us to attract and retain some of the best talent at a global scale. It allows us to develop state-of-the-art solutions, innovate faster, and solve many of the industry’s most complex problems.

We believe our leading security and platform breadth positions us well to consolidate and elevate cybersecurity spend across multiple categories. Over time, we believe this unification of the prevention, detection and response paradigm will create new opportunities for additional products and features.

Growth Strategy

Key elements of our growth strategy include:

•Continue to innovate and enhance our cybersecurity and data platform. We will continue to expand our platform by developing new modules to include greater functionality and address additional use cases. As a pioneer in autonomous and AI-based cybersecurity, we have established a track record for expanding our platform capabilities with new modules. Through the convergence of cybersecurity and data, we intend to bring our customers and prospects a variety of differentiated cybersecurity-first, AI-powered, and enhanced data analytics offerings. Having access to some of the world’s top cybersecurity and AI talent through our distributed workforce model and our research and development centers across North America, Europe, the Middle East, and Asia allows us to continue hiring top technical talent and innovate to maintain our leading position.

•Drive new customer acquisition. We have customers, ranging from large enterprises, such as Fortune 500 companies, to small and medium-sized businesses around the world. We intend to continue to add new customers through a product-first approach. This approach enables us to build trusted relationships with a large and rapidly growing group of highly influential managed service and incident response providers, as opposed to creating a dynamic of competition that generates friction between product vendors and service providers. As a Federal Risk and Authorization Management Program (FedRAMP) High certified vendor, we are currently authorized to operate under the FedRAMP, and we intend to further grow our footprint within the U.S. federal government. We intend to continue to build our relationships with our channel partners, including MSPs, MSSPs, MDRs, OEMs, and IR firms, as well as our alliance partners to expand our market reach.

•Increase adoption within our customer base. We have successfully grown our revenue from our customer base as they deploy additional licenses and expand the use of our platform by adopting adjacent solutions. As we enhance our platform functionality and value proposition, we expect many of our customers to adopt additional platform functionalities and Singularity modules to address all of their cybersecurity use cases through the same platform. Our customers can seamlessly activate additional platform solutions to adopt more product offerings. Platform-driven growth has been broad-based with notable strength from our cloud security, data, and Purple AI solutions. Our platform also enables us to show in-product promotions and trials and drive the expansion of our Singularity Modules. The success of our land-and-expand strategy remains a driver of our sustainable growth and long-term customer value.

•Expand our global footprint. Revenue generated outside of the U.S. was 39% for fiscal 2026, compared to 37% for fiscal 2025. We intend to continue to grow our international customer base by increasing our

9

Table of Contents

investments in international operations. We are continuing to invest and hire talent to expand our business in Asia-Pacific and Europe, the Middle East and Africa, and Latin America.

•Expand our total addressable market through acquisitions. We evaluate acquisition prospects that align with our platform, customers, and strategic market opportunities. We intend to use these opportunities to extend the reach of our Singularity Platform into adjacencies that complement our core offerings. We are committed to innovation, automation, and securing data wherever it resides with a front-row seat into cutting-edge cybersecurity technologies. For example, in September 2025, we expanded our platform capabilities through the acquisitions of Prompt Security and Observo AI. The acquisition of Prompt provides technology to secure AI in runtime, offering visibility and protection for enterprise AI deployments. Additionally, the acquisition of Observo, an AI-ready data pipeline company, serves as a complementary catalyst for our AI Security Information and Event Management (SIEM) offering by streamlining data ingestion and enrichment.

Our Singularity Platform

Our Singularity Platform delivers AI-powered autonomous threat prevention, detection, response, and exposure management capabilities across an organization’s endpoints, cloud workloads, and identity credentials, enabling seamless and autonomous protection against a full spectrum of cyber threats. We built our platform to be deployed as a cloud service in public, private, and hybrid cloud environments. We further offer customers a broad set of capabilities through our platform solutions.

Our platform capabilities are connected through three key patented technologies:

•Data Analytics. Our data analytics technology can ingest, correlate, and query petabytes of structured and unstructured data from disparate external and internal sources at machine speed.

•AI Models. Our Static, Behavioral, and Streaming AI technologies run in a distributed manner on our data cloud as well as on every endpoint, cloud workload, or user identity we protect. We overlay the entire experience with Purple AI, using generative AI to improve the efficiency and effectiveness of overall security operations.

•Storyline. Our Storyline technology builds a model of real-time running processes and their behaviors, to create rich, contextual data narratives which become the input to our Behavioral AI model. Storyline is the foundation of our security offerings providing unprecedented levels of visibility, with contextual information for benign and malicious processes.

Advanced Platform Capabilities

•Binary Vault. Enables customers to store and download copies of any file that has been executed in their environment for forensic review and reverse engineering. Binary Vault can store a copy of every known binary, both benign and malicious, that executes across an enterprise.

•Remote Script Orchestration (RSO). Enables enterprises and incident responders to investigate and respond to threats on multiple endpoints across the organization remotely, enabling them to easily manage their entire fleet. Our remote script orchestration capability allows concurrent execution of custom and preset scripts across an enterprise, instead of having to triage with a device-by-device approach.

•Storyline Active Response (STAR). STAR gives users the capability to set custom Indicators of Compromise (IOC) based rules for real-time analysis, alerting, and automatic response workflows. Our STAR module is also capable of ingesting threat intelligence feeds to enhance and correlate analyses.

•Data Retention. Modern attacks can take days and weeks to initiate after infiltration. Therefore, it is critical for a security solution to provide visibility for extended periods of time. This enhances both retrospective analysis and proactive hunting measures. We offer data retention for up to three years or more to provide maximum value from our Deep Visibility Threat Hunting module.

10

Table of Contents

•Cloud Funnel. Allows organizations to export their data in real-time to their private data lakes, whether locally-hosted or in the cloud. It securely streams a copy of all endpoint telemetry to a customer’s local data lake for further correlation with other security tools, while allowing offline data storage for audit and compliance.

Proprietary Security Data Lake

Singularity Data Lake (SDL) is our fully integrated security data lake that seamlessly fuses together the data, access, control, and integration planes of Endpoint Protection (EPP), Endpoint Detection and Response (EDR), Cloud Workload Security (CWS), Identity Protection, and IoT security into a centralized platform. With our Singularity Platform, enterprises gain visibility and access to their security data through a single pane of glass across multiple sources. SDL was designed with the goal of optimizing scale, cost and performance what we call the Golden Ratio of Big Data. This is achieved using innovative data structures, storage systems, and algorithms:

•Ingest. Our platform can ingest structured and unstructured data from any source, with little to no manual configuration and at unprecedented speed and scale.

•Normalize. Aligns every data point to extract the shared elements regardless of origin and to produce true insights.

•Correlate. We correlate events from multiple sources into Storylines which contain event data, both benign and malicious, in a context-rich format for easy understanding.

•Analyze. Our Singularity Platform enriches and visualizes every Storyline with information from Threat Intelligence sources, both homegrown and through integrations with third-party intelligence information services.

Multi-tenancy Architecture

We offer complete multi-tenancy with four tiers—Global, Account, Site, and Group. Policies set at the higher tier of the hierarchy are automatically inherited by the lower levels, but administrators may override them to create local policies at any tier. We also support fully customizable Role Based Access Control, that allows organizations to create specific rules controlling console permissions at a granular level. This enables large, distributed teams to work independently while at the same time providing a global view for the chief information officer and other stakeholders. It further enables our platform adoption by the world’s largest organizations, MSPs, MSSPs, MDRs, OEMs, and IR firms.

IT and Security Operations

Our Singularity Platform enables security and IT teams to identify software or application vulnerabilities, fix insecure configurations, and manage endpoints. Vulnerable and misconfigured applications make it easier for attackers to gain entry and evade detection. Addressing these vulnerabilities and misconfigured settings strengthens the security risk profile of our customers. Our platform has the following capabilities: Application Inventory, Scanless Vulnerability, Assessment, Device Control, Native Operating System Host Firewall Control, and File Integrity Monitoring.

Singularity Platform Solution Offerings

Our Singularity Platform offers a highly flexible deployment model. It is primarily hosted in Amazon Web Services (AWS) in multiple regions across North America, Europe, Asia Pacific, and AWS GovCloud. Our platform can also be hosted in Google Cloud, as well as customers’ on-premise data centers, and private and hybrid cloud environments for organizations with specialized hosting and data sovereignty needs.

11

Table of Contents

Our Singularity Platform provides feature parity across Windows, macOS, and Linux. It provides customers with full flexibility through a multi-tier offering priced on a per agent basis, which generally corresponds with an endpoint, server, virtual machine, or host. The tiers of our Singularity Platform include:

•Singularity Core. Our entry level security solution for organizations that want to replace antivirus tools with our EPP which we believe is more effective and easier to manage than legacy antivirus and next-generation antivirus products.

•Singularity Control. Made for organizations seeking best-of-breed security with the addition of our “security suite” features for endpoint management. It provides additional features for controlling network connectivity, USB and Bluetooth peripherals, and uncovering rogue devices.

•Singularity Complete. Our flagship offering includes a comprehensive suite of EDR product capabilities.

•Singularity Commercial. Provides AI-powered foundational protection for identities, endpoints, and the cloud.

•Singularity Enterprise. Provides comprehensive protection across endpoints, cloud, and identities as well as cost-effective services to safeguard businesses.

Generative AI-Security Agent (Purple AI)

Purple AI is powered by our generative AI-security innovation and is fully-integrated across Singularity solutions. It helps organizations achieve more autonomous Security Operations (SOC). Today’s security teams face a sophisticated threat landscape and endless alert queues. Purple AI delivers industry-leading AI capabilities to reduce mean time to detect, hunt and investigate risks to your business.

Prompt Security

Our security for AI solution, Prompt Security, empowers enterprises to embrace this new AI era with confidence. By providing the guardrails and governance needed to innovate safely, it enables companies to move fast, unlock the full potential of AI, and build trust with customers and employees alike – turning AI from a source of risk into a catalyst for growth.

Security Information and Event Management (SIEM)

Powered by Singularity Data Lake (SDL), Singularity AI-SIEM is a cloud-native SaaS solution that redefines security operations. By eliminating data schema requirements from the ingestion process and index limitations from querying, Singularity AI-SIEM can process massive amounts of live data in real time, delivering log management, data analytics, and alerting with unparalleled speed, performance, and efficiency.

Singularity AI SIEM offers enterprise visibility, real-time detection, and enhanced productivity. This helps improve overall security posture, boost cyber resilience, increase SOC efficiency, and maintain compliance. Singularity AI-SIEM is built for the cloud and offered as a cloud service, freeing up engineering resources from managing data refineries.

Observo.AI is a real-time data pipeline solution that offers freedom and control to for customers to be able to own, secure, and route their data anywhere they want. It strengthens the value of Singularity platform and offers a model for reducing data costs and improving threat detection, across any SIEM or data lake—helping customers lower data overhead, improve signal quality, and extract more value from the data they already have, no matter where it lives.

Endpoint Security (EPP and EDR)

Our next-generation endpoint security provides autonomous real-time protection across all operating systems, including Windows, Linux, macOS, and cloud-native and containerized workloads. Our endpoint protection is powered by distributed AI which resides both on devices as well as in the cloud for always-on, machine-speed

12

Table of Contents

protection. It is capable of autonomous decision making on the device and stopping threats in milliseconds rather than minutes, hours or even days. We are able to provide superior performance compared to traditional signature-based antivirus tools and earlier next-generation antivirus products with the following three key capabilities:

•Static AI. Our on-device AI model can detect file-based attacks, even those that are previously unknown zero-day exploits, with extreme precision in milliseconds. Our Static AI model is the output of a supervised ML cycle that is trained on a continuously evolving data set from billions of files coupled with data from multiple threat intelligence sources, including our proprietary Embedded Threat Intelligence.

•Behavioral AI. Our on-device AI model continuously scores Storylines from the device to precisely classify individual or group behaviors as benign or malicious. The accuracy of our Behavioral AI is powered by the rich contextual information that is encoded in each Storyline that is being scored. As a result, our Behavioral AI is attack vector agnostic because it is not limited to any particular pathway used by attackers to penetrate a system, such as zero-day vulnerability exploits and living off the land attacks.

•Embedded Threat Intelligence. Our cloud threat intelligence system combines threat information from our data analytics and research teams, Vigilance MDR and IR services, and other commercial and proprietary threat feeds. Our Purple AI for Threat Intelligence expands and accelerates an organization’s ability to deliver deep insights needed to proactively protect against threats and mitigate risk.

Unlike first-generation EDR products that are reactive and mainly focused on collecting data, our ActiveEDR solutions leverage Storylines to reduce analysis time and to automate response actions by significantly minimizing the time between detection and response through technology automation. It enables on-device behavioral analysis, auto-remediation, and response in a fully autonomous fashion. ActiveEDR reduces analysis time and requirements for specialized skills by providing technology-generated context which would otherwise need to be produced by highly skilled people manually in a time-intensive and error prone fashion. ActiveEDR excels at visualizing context, pinpointing anomalies, and providing a variety of granular responses. The main capabilities of ActiveEDR are:

•Deep Visibility Threat Hunting. Deep Visibility Threat Hunting provides an easy-to-use search interface on top of our Deep Visibility dataset. The Storylines shown within Deep Visibility hunts enable one-click responses, which are far easier and faster to execute than manually scripting responses. As a result, both entry level and highly skilled analysts can analyze results faster, review more alerts, and be more productive with the power of technology.

•Response Capabilities. Our Singularity Platform offers one of the broadest sets of response actions in the EDR market. Leveraging Storylines, we automate responses or make them optionally initiated by operators. Our response capabilities enable security analyst to Kill, Quarantine, Remediate, Remote Shell, and Rollback.

Our endpoint security also covers mobile devices including iOS, Android, and ChromeOS devices. It delivers mobile threat defense that is local, adaptive, and real-time, to thwart mobile malware and phishing attacks at the device, with or without a cloud connection. Our leading on-device behavioral AI product dynamically detects never before seen malware, phishing, exploits, and man-in-the-middle attacks. Singularity Mobile provides security and data privacy to support zero trust.

Cloud Security

We offer both agent and agentless cloud security capabilities in a comprehensive CNAPP. Offering these in a unified security platform helps reduce operational complexity and improve integrated protection and remediation capabilities.

Our agent-based CWS solution extends distributed, autonomous endpoint protection, detection, and response to compute workloads running in public clouds, private clouds, and on-premise data centers. Our runtime protection delivers prevention, detection, response and hunting functionalities purpose-built for these environments. We offer full-fledged EPP and EDR for servers, virtual machines, and containerized workloads. Our Cloud Application

13

Table of Contents

Control locks down the running image of servers and containers to prevent configuration drift and protect against unauthorized changes, in line with best practices for cloud workload security.

Our agentless CNAPP delivers multi-cloud insights spanning asset discovery, misconfigurations, vulnerability management, and more. Our CNAPP solutions include:

•Cloud Security Posture Management (CSPM) automatically and continuously identifies and responds to cloud misconfigurations and reports on compliance with industry benchmarks. Furthermore, it detects vulnerabilities in cloud infrastructure including infrastructure as a code (IoC) scanning, secret scanning, and code to runtime monitoring across major cloud services (AWS, GCP, Azure, Oracle, Alibaba, and more).

•Cloud Infrastructure Entitlement Management (CIEM) offers identity management, access controls, continuous monitoring, and advanced analytics to enforce zero-trust network security principles from a centralized console.

•Cloud Data Security (CDS) protects cloud environments from the spread of malware through automated file threat analysis. Customers receive protection from malicious files in Amazon Simple Storage Service (S3) and NetApp. Our AI-powered threat detection delivers unparalleled visibility and proactive protection against advanced threats, ensuring security and compliance.

•AI Security Posture Management (AI-SPM) helps address the evolving risks associated with generative AI. AI-SPM was designed to safeguard AI models and pipelines deployed on managed AI services such as Amazon SageMaker, Amazon Bedrock, Azure OpenAI, and Google Vertex AI.

Identity Security

Our identity security solutions act as a force multiplier for security teams, allowing them to assume a more robust security posture and extend the capabilities of the Singularity Platform to protect user credentials. Our Singularity Identity solution detects and responds to identity-based attacks and finds attackers early, before they can exploit identities. Our identity solution also reduces the potential attack surface and proactively increases security by identifying misconfigurations and credential exposures that create attack paths for attackers to move laterally. Our identity security portfolio includes:

•Singularity Identity Threat Detection and Response (ITDR) detects real-time identity attacks across the enterprise that target identity access management services like Entra ID. It delivers holistic identity threat detection and response including credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more for zero trust cybersecurity.

Exposure and Vulnerability Management

Our vulnerability management solutions enable control of the enterprise network attack surface in real time by discovering, identifying, and containing any device-based threat. Exposure Management leverages the presence of our software in an organization’s network to track assets, create an Enterprise Asset Map, perform network segmentation, deploy our agents to unprotected devices, and provide risk scores. Ranger provides organization-wide inventory and control of IoT devices by discovering connected devices, including virtual machines, containers, and IoT devices such as printers, smart TVs, and thermostats. These solutions include:

•Ranger Entra ID uncovers vulnerabilities in identity infrastructure and credentials such as Entra ID with a cloud-delivered, continuous identity assessment solution. It provides instant Active Directory visibility of misconfigurations, suspicious password changes, credential harvesting, unauthorized access, and more.

•Extended Security Posture Management (xSPM) addresses the lack of visibility into pre- and post-breach issues across multiple siloed security products. The result is faster triage, simplified remediation processes, and reduced costs. xSPM delivers proactive posture management with real-time insights into vulnerabilities and misconfigurations. It unifies exposure management by optimizing risk reduction workflows and providing comprehensive visibility through consolidating and prioritizing security findings from SentinelOne and third-party solutions.

14

Table of Contents

•Singularity Vulnerability Management (VM) is a network discovery and vulnerability management solution that identifies and prioritizes risks to an enterprise's attack surface. It detects vulnerabilities and provides dynamic prioritization based on the likelihood of exploitation and business criticality. Using the SentinelOne agent, it delivers streamlined EDR, network discovery, and vulnerability management. Vulnerability Management increases cyber resilience and reduces complexity by autonomously discovering unmanaged assets, evaluating their risk, and automating controls to isolate unmanaged endpoints.

•Singularity Network Discovery (formerly Ranger) is a real-time network attack surface control solution that identifies all IP-enabled devices on your network without requiring additional agents, hardware, or network changes. It uses advanced ML device fingerprinting to inventory and categorize assets, protects against device-based threats with 1-click isolation of suspicious devices, and efficiently deploys agents to unsecured endpoints with configurable peer-to-peer job automation.

Threat Services

Singularity Threat Services provide a deeper understanding of the threat landscape, monitoring emerging threats to proactively reduce risk and identify adversaries in a digital environment.

•Wayfinder Managed Detection & Response (MDR) provides 24/7/365 detection, investigation, and response, using curated SentinelOne and Google Threat Intelligence to deliver expert threat hunting, comprehensive protection, and proactive defense. MDR Essentials delivers turnkey 24/7/365 protection with integrated threat hunting, real-time dashboards, and streamlined digital onboarding. MDR Elite builds on this foundation with dedicated Threat Advisors for tailored security, high-touch proactive engagement and strategic guidance. With Wayfinder MDR, organizations can stay ahead of threats, reduce risk, and advance security posture with confidence.

•Singularity MDR offers 24/7/365 managed detection and response coverage that extends beyond the endpoint, providing comprehensive threat detection across endpoints, cloud workloads, identity, and more. The service combines Singularity Platform's rich intelligence and powerful AI automations with the threat and MDR expertise of the team to deliver faster, more effective detection and response support. The service addresses challenges such as talent and expertise shortage, unmanageable alert volumes, and system complexity.

•Vigilance MDR provides Managed Detection and Response services to help security and IT professionals monitor and respond to emerging threats. This offers 24/7/365 monitoring, triage, response, and hunting, with a team of in-house security experts helping to provide seamless integration with the Singularity Platform. With fast response times and customer support, we add a human lens to cybersecurity understanding to augment our customers’ in-house security teams.

•WatchTower delivers threat hunting and insights to help customers understand the nature of threats, targeted attacks, threat actors, and risk reduction. It provides intelligence-driven, cross-platform threat hunting to help customers adapt to the modern threat landscape through visibility and actionability to novel attacker techniques, global advance persistent threat (APT), campaigns, and emerging cybercrimes. WatchTower distills intelligence down to its most valuable insights, such as a summary bulletin of the threat, its impact on our customers’ organizations, and how the threat can be addressed.

Independent Validation and Testing

Our solutions are regularly assessed by recognized third-party researchers and test labs, where we are consistently recognized as a leader including MITRE Engenuity ATT&CK evaluations, Gartner EPP Magic Quadrant and other industry benchmarking frameworks. These independent tests consistently showcase Singularity’s high-fidelity detection rates, minimal performance overhead, and advanced threat response capabilities—further validating our autonomous, AI-driven approach.

15

Table of Contents

Our Customers

As of January 31, 2026, we had customers using our Singularity Platform in approximately 100 countries. We are protecting the digital infrastructures of customers around the world, including large global enterprises, small and medium-sized businesses, and government organizations. Our business does not depend on any single end customer. For a definition of customer, see the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Business Metrics—Customers with ARR of $100,000 or More.”

Seasonality

We experience seasonal fluctuations in our financial results due to the annual budget approval process of many of our customers. We typically receive a higher percentage of our annual orders from new customers, as well as renewal orders from existing customers, in our fourth fiscal quarter as compared to other quarters due to the annual budget approval process of many of our customers.

Human Capital Resources

Our Team

As of January 31, 2026, we had over 2,900 full-time employees worldwide. We also engage temporary employees and consultants as needed to support our operations.

Our U.S.-based employees include team members in all key functions, including go-to-market, customer success, technology, product, and support. Each of our U.S. offices has a different functional focus but shares a driven, customer-centric culture. Our headquarters in Mountain View, California is where the majority of our executive, marketing, finance, legal, people and talent, and sales operations team members are located, which supports cross-functional collaboration.

Our office in Tel Aviv, Israel benefits from Israel’s concentration of cybersecurity experts. This team draws from a deep pool of Israeli military cybersecurity and intelligence experts, product mavens, and general technical talent.

Our office in Prague, Czech Republic houses research and product development functions to augment current teams across the globe and the expansion of our global engineering organization.

Our European headquarters is in Amsterdam, Netherlands, which we chose for its talent pool, language versatility, diversity, labor and tax laws, and central location in relation to our offices in the U.S. and Israel.

Our Dubai office is primarily focused on go-to-market activities in the Middle East and Africa and supports our new business efforts in connecting with both customers and partners across these regions.

Our Bangalore, India office houses engineering talent as well as support functions across general, administrative and go-to-market. The economic climate in India continues to expand with endless potential. We are excited to continue our investment across this beautiful country.

None of our employees are represented by a labor union or are a party to a collective bargaining arrangement. We have not experienced any work stoppages and we believe that our employee relations are strong.

Our Culture

Our vision is a safer future for humanity and our purpose is to give the advantage to those who secure our future. Our core values are at the foundation of our inclusive culture and guide our approach on how we build and grow our business with all stakeholders:

•Trust. Be dependable. Conduct yourself with the highest integrity at all times.

•Accountability. Be reliable in all your actions and words. Put customers first. Be the owner.

16

Table of Contents

•OneSentinel. Be passionate about driving team success and collaboration across our company.

•Relentlessness. Act with unwavering purpose and determination in everything you do.

•Ingenuity. Encourage innovative approaches to problem-solving and market leadership. Embrace diverse perspectives. Hustle.

•Community. Be kind to one another. Think about how your actions will affect others. Together.

Our employee value proposition was designed using feedback from employees around the globe. It is our promise to all Sentinels and candidates on what to expect while working at SentinelOne. Here you will drive innovation, pushing the boundaries of cybersecurity to determine what’s next. Here you will build your future, with amazing benefits and tools to grow. Here you will enjoy your work, in a culture that is built on equal opportunity, integrity and autonomous action.

We value transparent and respectful communication as key components of our continuous feedback culture, something that we view as a key driver of our business success. We benefit from the varied perspectives that come from our global workforce. We believe in the strengths of diversity and are committed to building out a diverse talent base. We plan to continue investing in hiring employees both in and outside of the U.S.

We received multiple workplace accolades in 2025.

•Fortune recognized SentinelOne as a Fortune Future 50 company, 100 Best Companies to Work For in Europe, Best Workplace in Technology, Best Workplace for Parents, Best Workplace in the Bay Area.

•U.S. News & World Report recognized SentinelOne as one of its 2025 Best Companies to Work For, Best Companies to Work For in IT, and Best Companies to Work For in the West.

•Newsweek named SentinelOne to its America’s Greatest Companies list.

•Built In recognized SentinelOne as a 2025 Best Places to Work in the United States.

•Great Place to Work recognized SentinelOne on Best Workplaces lists in several countries, including the United Arab Emirates in the Small category; France for Best Workplaces and Best Workplaces in Technology; Germany across the Information and Communications Technology, Small and Medium Companies, and Bavaria lists; Italy; and Poland. SentinelOne was also recognized for Best Workplaces for Millennials.

•SentinelOne also achieved Great Place to Work certification (December 2025 - December 2026) for Australia, Canada, Costa Rica, Czechia, France, Germany, India, Israel, Italy, Japan, Netherlands, Poland, Singapore, Slovakia, Spain, the United Arab Emirates, the United Kingdom, and the United States.

Our presence and engagement across all social media platforms continue to grow rapidly, a reflection of the market’s perception of us and our leadership as innovators in the cybersecurity space. We pride ourselves on offering employees an award-winning culture centered around trust and integrity, as together, we work to defeat every cyberattack with autonomous technology.

Retention and Talent Development

We believe that motivating and retaining talent at all levels is vital to our success. Our compensation and benefits program is intended to anticipate and meet the needs of our employees. In addition to base salary, these programs, which vary by country and region, include bi-annual bonuses, equity awards, an employee stock purchase plan, a 401(k) plan, including a 401(k) match in the U.S., healthcare and insurance benefits, health savings and flexible spending accounts, unlimited vacation, wellness reimbursement, 16 weeks of gender-neutral parental leave and more. We have increased our investment in training and development and have rolled out several key programs as well as enabling our employees to access over 1,000 on-demand webinars in technical and soft skills areas.

17

Table of Contents

We continue to globally align our benefits to focus on business continuity and employee well-being. We have been very intentional with our efforts to support employees while working from home and in their return to the office. Further, we have enhanced and promoted programs to support employees’ physical and mental health and well-being. We have built a company that we believe thrives whether our employees are in offices or remote.

Research and Development

Our research and development organization is responsible for the design, development, testing, and delivery of new technologies, features and integrations of our platform, as well as the continued improvement and iteration of our existing products. It is also responsible for operating and scaling our platform including its underlying infrastructure. Our most significant investments are in research and development to drive core technology innovation and bring new products to the market. Research and development employees are located primarily in our Israel, India, and Czech Republic offices, and remotely.

We have a proven team that works to expand our market, customer and user reach and impact with new, innovative products. We intend to continue to invest in our research and development capabilities to extend our platform and products.

Our Go-To-Market Strategy

Our sales and marketing organizations partner to create brand awareness, drive demand, and develop customer relationships to deliver strong sales pipeline coverage and revenue growth.

Sales

Our direct sales team, which is composed of field sales and inside sales professionals, sells subscriptions to our Singularity Platform by leveraging our global network of channel and alliance partners for prospect access and fulfillment. For specific market segments, our channel partners independently manage the complete sales cycle resulting in a highly scaled and leveraged sales experience. Our sales team also identifies existing customers who may be interested in free trials of additional platform modules, which serves as a powerful driver of our “land and expand” growth model. Through segmenting our sales teams by customer size, we can deploy an efficient and scalable sales model which enables rapid prospect engagement, thorough technology evaluations, and yields lasting customer relationships.

Marketing

Our marketing organization is focused on building our brand reputation, increasing the awareness of our platform, and driving prospect and customer demand. To support these efforts, we deliver broad-based brand campaigns to build awareness of our solutions and our company. We also deliver targeted and situational content to demonstrate thought leadership in the security industry, including speaking engagements with the security industry’s foremost organizations to provide expert advice, educating the public about cyber threats, and identifying threat research discoveries that illustrate the business outcomes and differentiation of our solution. We engage in paid media, web marketing, out of home media advertising, industry and trade conferences, analyst engagements, producing whitepapers, demand generation via digital and web, telemarketing, and targeted displacement campaigns. We employ a wide range of digital programs, including search engine marketing, online and social media initiatives, and content syndication to increase traffic to our website and encourage new customers to request an expertly guided trial of our Singularity Platform. Additionally, we engage in joint marketing activities with our channel and alliance partners. Over the past several years, we have experienced significant increases in our brand relevance as demonstrated by coverage in leading global press, analyst publications, website traffic, web demo requests, and channel partner engagement.

Partnership Ecosystem

We work with a number of partners to create “better together” technology solutions for mutual customers, many of which we then leverage in joint go-to-market strategies. These partnerships include many of the leading ISVs,

18

Table of Contents

alliance partners, MSPs, MSSPs, MDRs, OEMs, and IR firms. We provide our partners with our differentiated technology and platform to enable them to provide the best security service to their own customers.

Our Singularity Platform offers our partners complete multi-tenancy and a superior level of management capability and flexibility with tiering, policy inheritance, and customizable role-based access control from the same console. Our data model and open architecture enable our partners to rapidly build and innovate across a wide range of use cases and deliver their products on top of our technology. As such, our partners are not our competitors but instead, act as force multipliers for our go-to-market investments.

Our partner integrations deliver more secure solutions and an improved end user experience to their customers. Our ISV and alliance partnerships focus on security analytics, network and infrastructure security, threat platforms and orchestration, automation, and other mainstream technology integrations.

Singularity Marketplace

Singularity Marketplace is an open application ecosystem that enables customers to seamlessly integrate dozens of applications. Organizations can gain visibility over data across historically disparate security solutions without the need for custom business logic, coding, or complex configuration. Organizations can integrate any security applications and tools regardless of vendor into a single platform without coding or scripting required. Singularity Marketplace extends the power of our platform across the entire security and IT stack to build an effective threat defense posture with layered security, collaborative processes, and integrated products.

Singularity Marketplace enables security teams to converge on a single pane-of-glass for extended detection and response workflows to minimize context switching and distractions during triage and incident response. It helps them gain insights from shared security events without requiring a massive time investment in custom business logic, code, and complex configuration. It allows security teams to drive a unified, orchestrated response among security tools in different domains.

Competition

The market for our solutions is competitive and characterized by an evolving IT environment, customer requirements, industry standards, frequent new product and service offerings, and improvements. We compete with an array of established and emerging security solution vendors.

Our competitors include the following:

•endpoint security providers, such as CrowdStrike Holdings, Inc. (CrowdStrike) and Carbon Black (within Broadcom, Inc.);

•legacy antivirus providers such as Trellix (formerly McAfee Corp.), Symantec (a subsidiary of Broadcom, Inc.) (Symantec), and Microsoft Corporation (Microsoft);

•providers of general network security products and services who offer a broad portfolio of solutions, such as Palo Alto Networks, Inc. (Palo Alto Networks);

•SIEM providers such as Cisco Systems, Inc. (which acquired Splunk) and Elastic; and

•providers of cloud security, such as Wiz, Inc. (acquired by Google Cloud).

We compete on the basis of a number of factors, including but not limited to our:

•ability of our technology to detect, prevent, and block threats;

•breadth of our functionality;

•ability to automate threat prevention and remediation with limited human intervention;

•performance of our platform;

19

Table of Contents

•speed of our threat hunting capabilities;

•support for cloud, hybrid, and on-premise deployments;

•support for various operating systems;

•platform data retention capabilities;

•ability to integrate with other participants in the security ecosystem;

•ease of use to deploy, manage, and maintain our platform;

•quality of our MDR service;

•strength of sales, marketing, and channel partner relationships; and

•customer support.

Although some of our competitors enjoy greater brand awareness and recognition, deep customer relationships, and larger existing customer bases, we believe that we compete favorably with respect to our autonomous and AI-powered threat prevention, detection, response, and hunting capabilities.

Intellectual Property

The protection of our technology and intellectual property is an important aspect of our business. We rely upon a combination of trademarks, trade secrets, know-how, copyrights, patents, confidentiality procedures, contractual commitments, domain names, and other legal rights to establish and protect our intellectual property. We generally enter into confidentiality agreements and invention or work product assignment agreements with our officers, employees, agents, contractors, and business partners to control access to, and clarify ownership of, our proprietary information.

As of January 31, 2026, we had 78 issued patents and 10 pending patent applications in the U.S. and abroad. These patents and patent applications seek to protect our proprietary inventions relevant to our business. These issued patents are scheduled to expire on or around the years between 2034 and 2045 and cover various aspects of our platform and technology.

As of January 31, 2026, we had 18 trademark registrations in the U.S., including registrations for “SentinelOne” and our logo. We also had 103 trademark registrations and applications in certain foreign jurisdictions. Additionally, we are the registered holder of a number of domain names, including sentinelone.com and dataset.com.

Government Regulation

We are subject to many varying laws and regulations in the U.S., the United Kingdom (U.K.), the European Union (E.U.), and throughout the world, including those related to privacy, data protection, intellectual property, AI, consumer protection, marketing, advertising, employment and labor, competition, customs and international trade, taxation, and more. As we grow and expand our geographical reach, we may become subject to additional regulations in the U.S. and internationally.

These laws often require companies to implement specific information security controls to protect certain types of information, such as personal data. These laws and regulations are constantly evolving and may be interpreted, applied, created, or amended in a manner that could harm our current or future business. Our compliance with these laws and regulations may be onerous and could, individually or in the aggregate, increase our cost of doing business, impact our competitive position relative to our peers, and/or otherwise adversely affect our business, reputation, operating results, and financial condition. However, we believe we are currently in material compliance with such laws and regulations to which we are subject and do not currently expect continued compliance to have a material impact on our capital expenditures, earnings, or competitive position. See the section titled “Risk Factors” for additional information about the laws and regulations we are subject to and the risks of our business associated with such laws and regulations.

20

Table of Contents

Corporate Information

We were incorporated in the State of Delaware as Sentinel Labs, Inc. in January 2013. We changed our name to SentinelOne, Inc. in March 2021. Our principal executive offices are located at 444 Castro Street, Suite 400, Mountain View, California 94041. Our telephone number is (855) 868-3733.

SentinelOne, the SentinelOne logo, and other registered or common law trade names, trademarks, or service marks of SentinelOne appearing in this Annual Report on Form 10-K are the property of SentinelOne. This Annual Report on Form 10-K contains additional trade names, trademarks, and service marks of ours and of other companies. We do not intend our use or display of other companies’ trade names, trademarks, or service marks to imply a relationship with these other companies, or endorsement or sponsorship of us by these other companies. Other trademarks appearing in this Annual Report on Form 10-K are the property of their respective holders. Solely for convenience, our trademarks and trade names referred to in this Annual Report on Form 10-K appear without the ® and ™ symbols, but those references are not intended to indicate, in any way, that we will not assert, to the fullest extent under applicable law, our rights, or the right of the applicable licensor, to these trademarks and trade names.

Available Information

We file electronically with the SEC our Annual Report on Form 10-K, Definitive Proxy Statements on Schedule 14A, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to reports filed or furnished pursuant to Section 13(a) or 15(d) of the Exchange Act. The SEC maintains a website at www.sec.gov that contains reports, proxy and information statements and other information that we file with the SEC electronically. We will make available on our website at www.sentinelone.com, free of charge, copies of these reports and other information as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

We use our investor relations page on our website (www.sentinelone.com), press releases, public conference calls, public webcasts, our X account (@SentinelOne), our Facebook page, and our LinkedIn page as means of disclosing material non-public information and for complying with our disclosure obligations under Regulation FD. The information disclosed by the foregoing channels could be deemed to be material information. As such, we encourage investors, the media, and others to follow the channels listed above and to review the information disclosed through such channels. Any updates to the list of disclosure channels through which we will announce information will be posted on the investor relations page on our website.

The contents of the websites referred to above are not incorporated into this filing. Further, our references to the URLs for these websites are intended to be inactive textual references only.