RSA 2022 Conference Recap: Securing the Cloud, Experiencing FOMO, and Evolving XDR

It’s the last day of RSAC 2022, and the SentinelOne team has been taking San Francisco by storm with a stunning booth, innovative demos, FOMO-inducing parties, and exciting announcements galore. As this tried-and-true conference draws to a close, our team decided to look back and share some of their takeaways gained from the show floor and long-anticipated conversations with customers & partners.

Welcome to the Era of XDR

Consolidation was the name of the game at RSAC 2022.

We came ready to talk about what security professionals need in their cybersecurity programs; while the answer wasn’t surprising or novel, it was universally resonant. CISOs and analysts alike talked about consolidating tools, and reducing the number of vendors and point-specific solutions they rely on.

While vendor consolidation is not a new trend or objective, the concept of extended detection and response (XDR) offered enterprises a more promising roadmap and approach to achieving its benefits.

Most importantly, we heard how today’s security teams are in need of security tools that more seamlessly integrate with the other vendors in their stack. We had a lot of great conversations about how our Singularity XDR platform can empower our customers and partners with centralized, end-to-end visibility, and how security teams can leverage a Marketplace full of integrations to protect all of your attack surfaces.

As RSAC 2022 continued, we saw that attack surface management was a top-of-mind concern for many of the booth visitors that sat down with us as well as on the show floor. Customers and peers highlighted how they were considering outside-in External Attack Surface Management (EASM) and Cyber Asset Attack Surface Management (CAASM) to gain the enterprise visibility they currently lacked. These key conversations affirmed our approach to addressing common visibility challenges by providing actionable insight into the endpoint, network, cloud, and identity layers. Without this visibility, vendors and practitioners miss the first step to accomplishing the data-driven investigations and automated response actions originally promised by the vision of XDR.

Learning more from the attendees of RSAC on the expectations and desired outcomes of XDR makes us even more excited to continue our journey to fulfill the original vision and promise of XDR by filling visibility gaps across your technology stack by correlating threats across vectors and attack surfaces.

Cloud Infrastructure Isn’t the Future. It’s Now.

This year’s RSAC also proved that everyone’s heads are in the clouds.

Previous years’ conversations that simply broached or entertained cloud transformation are over. The plans are already in motion, and today, more enterprises are turning to cloud infrastructure platforms than ever to run their operations.

And this trend shows no signs of slowing down. According to projections from Gartner, infrastructure-as-a-service (IaaS) spending will eclipse $120 billion USD in 2022, up 30% YoY.

As cloud becomes integral to an enterprise’s day-to-day, we had a lot of productive conversations about the growing number of cloud-based threats (such as runtime threats like crypto-mining malware, zero-days like Log4j, or real-time fileless attacks) on the horizon. It’s clear that enterprises and SOCs need a cloud defense-in-depth strategy, which establishes multiple layers of protection and best practice configurations around your sensitive data, with cloud workload detection & response as a reactive line of defense.

Introducing SentinelOne Skylight

We also sparked some radical conversation on the replacement of legacy SIEM—and introduced security pros to just the solution for the job.

SentinelOne kicked off Day 3 of RSAC 2022 by introducing Skylight, a solution that provides full data visibility, ingestion, and storage capabilities by integrating data from both SentinelOne and third parties within SentinelOne Storyline™ technology. Now, our enterprise customers can make better decisions, automate workflows, and derive more value from the data they ingest from existing technology and security tools—without the costs, upkeep, and time they’ve come to associate with traditional SIEM.

Stronger Together (Hello, Attivo!)

RSAC 2022 was the first time we hit the road with our new Identity experts following the acquisition of Attivo Networks.

Customers got to sit down with us and have their first look at the new Identity capabilities of the Singularity XDR platform.

We spoke about how Singularity Identity detects active attacks against all device types and OSes, and safeguards against unauthorized privilege escalation and lateral movement to protect your Active Directory and Azure AD domain controllers and domain-joined endpoints in real time. They also got a look at how Singularity Ranger AD can mitigate your identity-based risk by identifying misconfigurations, vulnerabilities, and real-time indicators of attack to get in line with security best practices.

As threat actors target identity-focused attack surfaces, many key discussions between RSAC attendees centered around how security teams could secure their estates and manage relevant vulnerabilities in real time— at SentinelOne, we’re glad that we can offer solutions to proactively address these attacks.

Celebrating the Good Guys

With the threat landscape constantly evolving, the security industry works hard—but we also wanted to recognize a rare moment of celebration and peace-of-mind for our valued customers and partners. That’s why we teamed up with Armis, Torq, and our special guests Incubus to bring over 2,500 people together for FOMO, our RSA party. We hope you enjoyed the celebration!

Conclusion

As we head back home to start executing on what we learned at RSA 2022, we want to thank all of the customers, partners, and peers who stopped by Booth S-627 to say hello. We can’t wait to see you next year with a few more exciting developments and contributions to the cybersecurity landscape under our belt. See you next year!

To learn more about how Singularity XDR provides visibility and context across enterprise data, schedule a demo.