SentinelOne was conceived in 2013 when a group of defense and intelligence experts saw savvy attackers compromising endpoints seemingly at will, with traditional approaches failing to provide sufficient protection for this developing security problem. Legacy approaches are reactive and require too many products. Below is our recent interview with Mandeep Sandhu, Principal Solutions Engineer at SentinelOne:
Q: What was the idea behind SentinelOne?
A: The idea was to develop a dramatic new approach to endpoint protection, one that applies AI and machine learning to thwart both known and unknown threats, and so, SentinelOne was born to provide endpoint security to organisations globally within a single agent and single code base that delivers prevention, detection, response, and hunting.
Q: You’ve recently raised $120m in a Series D funding round; could you tell us something more?
A: SentinelOne is the fastest growing endpoint security company today. The round will enable us to continue replacing legacy AV as well as replacing other next-gen products that lack capabilities to holistically solve customer’s challenges. We have line of sight into being cashflow positive mid-next year, making us the first next-gen endpoint player to not only have industry-leading growth but achieve this growth with fiscal responsibility.
Q: How exactly does your platform work?
A: We are a disruptive endpoint protection platform committed to innovation and providing customers with next-generation endpoint security leveraging AI technology.
Our single agent technology works by using:
• Static AI engine to provide pre-execution protection
• This Static AI engine has replaced traditional signatures and recurring scans that kill end-user productivity.
• Behavioural AI
• AI engines track all processes and their interrelationships regardless of how long they are active.
• When malicious activities are detected, the agent responds automatically at machine speed.
• Automated EDR (Endpoint Detection and Response)
• This provides rich forensic data and can mitigate threats automatically, perform network isolation, and auto-immunise the endpoints against newly discovered threats.
• With built solutions to meet your organisation’s infrastructure needs. Scalable, Cloud and On-Premise Management, Offline Support, and a Robust API.
As a final safety measure, SentinelOne can even rollback an endpoint to its pre-infected state.
We have also put in place a ransomware warranty programme illustrating that our product truly works. We don’t just say it, we’re able to stand behind it.
Q: Why SentinelOne? What makes you the best choice?
A: SentinelOne is real-time and autonomous; our static and behavioural AI turns dwell time into real time, making real-time decisions to impact devices. It fully operates without cloud reliance because we embed our AI algorithms on the endpoint.
We combine into one single agent:
• And finally, threat hunting.
Many endpoint security companies lack EDR (Endpoint Detection and Response) capabilities that allow remediation from an attack.Traditional EDR is passive and requires end users to have to figure out how to respond to attacks post-breach. In turn, the time between detection and response leaves enterprises vulnerable, as the threat landscape has also evolved beyond static binaries; SentinelOne’s static plus behavioural AI not only provides prevention but also acute detection of fileless and live attacks.
This means our offering satisfies the many customers that are searching for a more holistic solution to their endpoint protection and differentiates us from other endpoint platforms out there.
Q: What are your plans for the future?
A: After our latest round of funding, we are currently planning to accelerate the company’s rapid displacement of legacy and next-gen competitors in connecting endpoint, cloud, and IoT protection through an autonomous AI platform deployed throughout the enterprise.
Last Updated on September 7, 2019