ActiveEDR from the Newest Cyber Unicorn
SentinelOne's ActiveEDR combines artificial intelligence with endpoint security into an effective platform solution for enterprise.

With its recent $200M Series E round, Mountain View-based SentinelOne is now the cyber security industry’s newest unicorn. (The company also raised an additional $120M in a Series D round just a few months ago.) Founded in 2013 by Tomer Weingarten, SentinelOne focuses on endpoint security – with its marketing crosshairs focused on those companies perceived as the main competition: Microsoft, CrowdStrike, and Blackberry/Cylance.

I wanted a deeper look inside this growing firm, so I asked Jared Phipps, VP of Worldwide Sales Engineering, to serve as my tour guide. Phipps took me through the platform design, solution offering, and corporate history – and I must say that the overall picture at SentinelOne looks impressive. In particular, the company has managed to unify the best aspects of modern endpoint security into one autonomous, AI-based platform.

“At SentinelOne, we’ve developed a unique cyber security platform that combines patented behavioral artificial intelligence with the industry’s first unification of endpoint protection (EPP) and endpoint detection and response (EDR),” explained Phipps. “We describe our solution as ActiveEDR to draw contrast with more passive EDR solutions that rely on human beings to parse through information stored in databases to find indicators.”

The flagship SentinelOne offering is Singularity, an XDR platform that supports prevention, detection, response, and hunting across enterprise endpoints, IoT devices, and cloud workloads. The endpoint protection is achieved using AI algorithms that operate close to the endpoint asset. This allows behaviors to be autonomously examined and proactively mitigated without the need to stream log output to a database for human analysis.

The endpoint solution includes a managed overlay called Vigilance, which had an average “time to resolution” of 22 minutes, and the platform also extends to emerging IoT devices. “The SentinelOne Ranger solution is designed to reduce the risk of malware being exploited on IoT devices such as printers,” explained Phipps. “We support automated hunting for rogue devices in an enterprise network, with the goal of enforcing security policies on all devices and protecting the enterprise from threats originating from IoT devices.”

As a TAG Cyber industry analyst, my task is to identify and highlight for you the salient aspects of companies such as SentinelOne to assist in your own understanding, and eventual source selection. Sometimes, this involves identifying and sharing a unique corporate back story, perhaps belonging to the founder. Other times, it involves pointing out patents for game-changing inventions, perhaps based on work in academia.

But for SentinelOne, the most important aspect of their solution involves the integration of many features into one platform including autonomy, artificial intelligence, IoT security, and obviously endpoint security. The autonomous AI enables ActiveEDR – and this goal of assisting the human hunter and driving automated response and recovery capabilities seems attractive. SentinelOne describes this as “having a SOC on every endpoint”. I would expect other vendors to begin using the term ActiveEDR as well.

The competition in endpoint security is tough – and as mentioned above, having competitors such as Microsoft, CrowdStrike, and Blackberry/Cylance is no picnic. CrowdStrike, in particular, emphasizes the use of automation near the endpoint to assist in the hunt task with pre-trained agents that utilize AI for detection. So, even with a fresh $200M in the bank, SentinelOne will have to invest wisely and continue to innovate aggressively.

That said, it doesn’t require going far out on a limb to predict good things for this company. In a recent TechCrunch article, Tomer Weingarten is quoted as having said in an interview that an IPO “would be the next logical step” for SentinelOne. Regardless of what the company decides, the influx of investment, which is expected to more than double headcount in the coming years, should push SentinelOne toward continued accelerated growth.

If you are concerned with endpoint security – and if you work in an enterprise, then this should be a foregone conclusion – then I strongly recommend that you include SentinelOne high up in your source selection planning. The company is the real deal, and I think time spent with an executive such as Jared Phipps will be wisely invested. As always, after you speak with SentinelOne, please let us all know what you learned.

I look forward to hearing from you.


 

Carolyn Crandall

Founder | Advisor| CMO Practice Leader | Tech GTM | Driving next generation marketing with AI

4y

Nice shout out from Edward Amoroso on SentinelOne and love the comments from Michael Pace from AT&T on Attivo Networks, Inc. #deceptiontechnology and how it is a great complement to #EDR and #EPP. #ciso #cybersecurity #cyberdeception #activedirectory


Ed, we’ve been working with a Deception company named Attivo. It seems to me that Attivo would be a natural partner with both EPP and EDR for comprehensive Endpoint protection. Attivo provides additional capabilities that EPP and EDR solutions don’t have. Of particular interest is their AD Secure and Deflect capabilities. So much more than honeypots! Hope all is well.
