Last week, the SentinelOne team wrapped up another exciting year at RSA Conference 2024. The four-day event was, as usual, an invaluable opportunity to connect with leaders across the community, share stories, and learn from each other. This year’s event garnered attendees numbering 40,000 strong from more than 130 countries, showing just how much expertise is available to be shared.
For those who couldn’t join us in San Francisco, our recap blog captures all of the event highlights including snippets from exclusive keynote sessions and all the announcements from SentinelOne.
RSAC 2024 | Understanding “The Art of Possible” in the Cyber World
This year’s theme for the event was “the art of possible”, a phrase that inspires hope while also serving as a warning to never underestimate what is possible by our cyber adversaries.
Community unlocks possibility and, thinking about the theme as it applies to cybersecurity, we are reminded to celebrate new technologies and leverage the strength of the collective whole and remain vigilant in the face of growing threats and risks.
Delivering The Future of Autonomous Security with Purple AI & Singularity Data Lake
It’s no surprise that many of the conversations at RSAC 2024 revolved around the topic of artificial intelligence (AI) and its impact on the cybersecurity landscape. SentinelOne was thrilled to announce innovative new capabilities within our Singularity Platform, designed to empower IT teams to take a predictive and autonomous stance against incoming threats:
- AI-Powered Anomaly Detection – Purple AI surfaces correlated risks from integrated log sources.
- Automated Alert Triage – The technology analyzes trillions of anonymized data signals at a global scale to evaluate how security analysts assess and respond to similar alerts and provides automated verdicts and recommended actions.
- AI-Powered Response Recommendations and Hyper Automation Rules – Using global similarity analyses, Purple AI provides intelligent response recommendations based on how others have responded to similar alerts and smart recommendations to turn those actions into hyper automation rules to put response actions in autonomous mode.
- 24/7 Auto-Investigations – Through zero-touch auto-investigation capabilities, Purple AI eliminates the need for human-driven investigations and empowers security teams to focus on validating and mitigating threats at scale.
- Mandiant Threat Intelligence – Building on our existing OEM partnership, the Singularity platform integrates leading threat intelligence from Mandiant (part of Google Cloud) to provide the latest and most comprehensive security insights. This includes detailed adversarial TTPs, enrichment of all security alerts and enhancing threat hunting capabilities. Intelligence will also be accessible through Purple AI, boosting the platform’s proactive and automated functions in private preview later this quarter, with general availability later this year.
Combining the power of Singularity Data Lake and Purple AI, these capabilities help transform security operations by offering new autonomous capabilities in the Singularity Platform. Regardless of an organization’s size, budget, or resources, the latest features ensure they can respond to advanced threats and adopt a proactive approach, anticipating and mitigating issues before they bloom into full-out cyber events.
Further, Purple AI, SentinelOne’s advanced AI security solution is now embedded across the Singularity Platform and accessible via a new unified security console, Singularity Operations Center. The Operations Center console is a significant stride forward to simplifying the analyst workflow by unifying alert triage and workflows across all event collections.
Now generally available, the Operations Center works by consolidating security management with unified alerts, inventory management, correlation engine, and a contextualized Singularity Graph to accelerate advanced SOC capabilities including detection, triage, and investigation.
Redefining Cloud Security
Attacks on cloud environments continue to soar as threat actors zero in on the concentration of business-critical data and services held in clouds. To help cloud teams, developers, and security professionals reduce their cloud and container attack surfaces, we announced the launch of Singularity™ Cloud Native Security (CNS) – our agentless Cloud Native Application Protection Platform (CNAPP) uniquely designed to assess cloud environments through the eyes of a threat actor.
With rapid agentless onboarding across 6 different cloud environments, CNS consolidates and correlates a range of cloud security capabilities:
- Rapid onboarding with multi-cloud support
- Cloud Asset Inventory and mapping with easy-to-understand graph visualizations
- Vulnerability Scanning
- Cloud Security Posture Management (CSPM)
- Secrets Scanning
- Infrastructure as Code (IaC) Scanning, including VCS integration
- Container Image Security, including CI/CD integration
- Software Bill of Materials (SBOM)
- Kubernetes Security Posture Management (KSPM)
- Cloud Detection and Response (CDR)
- Integration with Singularity Data Lake for accelerated investigations via Purple AI
One of the major challenges security teams face is cutting through a very noisy attack surface, spending time on separating truly critical and exploitable risks from theoretical attack paths. CNS uses a unique Offensive Security Engine™ that safely simulates attacker behaviors to provide evidence-based false-positive free Verified Exploit Paths™ so security teams can prioritize their time and prevent attacks more effectively.
SentinelOne & CISA | Improving the Nation’s Cybersecurity Posture
Chris Krebs Joins CISA’s Cyber Safety Review Board
The Cyber Safety Review Board (CSRB) was born as a result of President Biden’s Executive Order “Improving the Nation’s Cybersecurity”, administered by CISA on behalf of the Secretary of Homeland Security. At RSAC 2024, we announced that Chris Krebs, SentinelOne’s Chief Intelligence and Public Policy Officer, has joined the CSRB alongside private sector and senior officials from the DoD, NSA, DoJ, FBI, and more.
The objective of the CSRB focuses on fact-finding, conducting independent reviews before issuing recommendations in the wake of major cyber incidents across U.S. entities and organizations. CISA Director Jen Easterly welcomed Krebs to the CSRB stating that “his cybersecurity expertise and experience will be instrumental in the continuing evolution of the CSRB as a catalyst for positive change in the cybersecurity ecosystem.”
Krebs joined SentinelOne in November 2023, helping executives understand the realities of operating in the modern global business landscape by providing unbiased insights and transformative risk management strategies. Prior, he held the role of inaugural director at the Department of Homeland Security’s CISA and worked alongside businesses and government agencies to protect against an expanding set of cybersecurity threats. Before joining the DHS, Krebs led Microsoft’s U.S. cybersecurity policy efforts. Currently, he co-chairs the Aspen Institute’s U.S. Cybersecurity Working Group and is a CBS News Contributor.
SentinelOne Makes a Pledge for CISA’s Secure by Design
SentinelOne joined 67 other leaders across the security industry in signing CISA’s Secure by Design pledge at RSAC 2024, a voluntary commitment where the biggest names in tech today promised to take actions within one year to make their products and services more secure. The pledge seeks to complement and build on existing software security best practices, buckling down on the idea of continuously improving the nation’s cybersecurity.
The scope of the pledge includes improving seven aspects of on-prem software products and services, defined in the CISA’s Secure by Design principles. SentinelOne is proud to add our statement of support:
Celebrating the Cybersecurity Community at RSAC 2024
The cybersecurity industry works hard, overcoming ever-evolving threats and risks to protect what’s most important. We take a moment to recognize and celebrate the ongoing collaboration and contributions from the entire community. Here are some highlights from the event!
Thank You, RSAC – See You In 2025!
From the entire team at SentinelOne, we’d like to thank all of our customers, esteemed panelists, fellow vendors, and hosts for another amazing year with RSAC. These events continue to reflect the energy and drive that make up the tight-knit cybersecurity community we are all a part of. As we close out our time with RSAC 2024, we hope to continue the spirit of exchanging ideas, sharing experiences, and learning from one another to keep improving.
We’re already looking forward to next years’ event and welcome everyone to keep the conversation going on our social media channels and at our demo sessions. Be sure to learn more about all of SentinelOne’s latest security offerings as we invest in a more secure future.