SentinelOne | January 05, 2024
SentinelOne (NYSE: S), a global leader in AI-powered security, today announced that it has agreed to acquire PingSafe. The acquisition of PingSafe’s cloud native application protection platform (CNAPP), when combined with SentinelOne’s cloud workload security and cloud data security capabilities, is expected to provide companies with a fully integrated platform that drives better coverage, hygiene and automation across their entire cloud footprint.
The planned integration of PingSafe’s CNAPP into SentinelOne's Singularity™ Platform signifies a paradigm shift in cloud security. Rather than relying on point solutions or a standalone cloud security platform, companies can now access a unified, best-of-breed security platform complete with advanced, real-time, AI-powered security operations to protect the entire enterprise across endpoints, identities, and clouds.
“With the addition of PingSafe, we intend to redefine cloud security by fusing best-of-breed cloud workload protection, AI and analytics capabilities with a modern and comprehensive CNAPP,” said Ric Smith, Chief Product and Technology Officer, SentinelOne. “This new approach to cloud security will eliminate the need for companies to navigate the complexity of multiple-point solutions, triage and investigate with incomplete context, or pipe data between disparate data silos. Instead, they can comprehensively manage their entire attack surface from a single platform that, unlike legacy CNAPP and standalone providers, delivers the full context, real-time interaction and analytics needed to correlate, detect and stop multi-stage attacks in a simple, automated way.”
SentinelOne has been steadily extending its cloud security capabilities beyond cloud workload security, and the acquisition of PingSafe will accelerate this strategy. The move also aligns with the Singularity Unity Release strategy SentinelOne announced in November to transform security operations centers.
“SentinelOne is a pioneer and leader in AI-powered security, and we share a common mission to secure the cloud and make the Internet a safer place,” said Anand Prakash, founder and CEO of PingSafe and one of the world’s top five white hat hackers. “The combination of our cutting-edge CNAPP capabilities with SentinelOne’s market-leading AI security platform will supercharge cloud security by providing world-class protection for multi-cloud infrastructure, from development to deployment.”
Leading Cloud Security with Enterprise-Wide AI and Analytics
PingSafe is a robust CNAPP solution that delivers dynamic, real-time monitoring of multi-cloud workloads, simple setup and configuration and low false positive rates. And customers view it as superior to alternative solutions in the market.
“With more than $100 billion in transactions flowing through our network, nothing is more important than ensuring the security of our environment,” said Ashwath Kumar, Principal Security Engineer at Razorpay, one of the largest payment processors in India. “With PingSafe, we can cut through the noise delivered by many CNAPP solutions to identify and prioritize the most critical threats and take an offensive approach to preventing them before they impact our business.”
“We operate in a regulated but growing industry. It is an industry where one needs to adapt to change at lightning speed, and ensuring compliance in doing so is a key requirement,” said Prajal Kulkarni, CISO Groww. “We must be able to quickly identify, prioritize and respond to cloud misconfiguration seamlessly and correlate issues across our large cloud environment, and PingSafe provides us with a centralized dashboard that makes this easy and cost-effective to do.”
With the acquisition of PingSafe, SentinelOne will offer differentiated capabilities such as advanced secrets scanning of runtime and build-time environments and an attack surface management rules engine that runs breach and attack simulation scenarios against Internet-exposed cloud assets to identify how an adversary could compromise those assets. These capabilities will be in addition to core CNAPP capabilities like cloud security posture management, Kubernetes security posture management, agentless vulnerability scanning, and shift-left Infrastructure as code scanning.
“Combined with our Singularity Data Lake, Purple AI, endpoint security, and identity security capabilities, PingSafe will enable us to provide a compelling and cost-effective alternative to standalone CNAPP offerings unlike anything else in the market and a superior, more integrated user experience,” Smith said.
SentinelOne is a global leader in AI-powered security. SentinelOne’s Singularity™ Platform detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy and simplicity. Over 11,500 customers, including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments, trust SentinelOne to secure the future today. To learn more, visit www.sentinelone.com
Deepwatch | January 09, 2024
Deepwatch, the leading managed security platform for the cyber resilient enterprise, today announced the launch of Threat Signal, its standalone forensic-focused operations service. Deepwatch designed Threat Signal to enhance companies’ cybersecurity defenses, proactively identify and help mitigate attack vectors, and stay ahead of evolving risks to strengthen cyber resilience.
Threat Signal provides protection beyond traditional security measures, finding advanced cyber threats that have bypassed existing controls by leveraging the latest attacker methodologies to stay in tune with the constantly evolving threat landscape. Using an “outside-in” methodology, Threat Signal evaluates an organization’s externally accessible presence from an attacker’s perspective to pinpoint and investigate risky systems and services. This informs the initial investigation and allows Deepwatch Experts to leverage advanced capabilities through organic intelligence, deep forensics, and threat hunting.
According to Forrester’s “How to Make Threat Intelligence Actionable” report¹, “Over time, companies need to move beyond tactical use cases. Threat hunting can uncover threats that have bypassed traditional security tools, allowing companies to stop attacks earlier to minimize disruptions. As Forrester’s Threat Hunting 101 report describes, threat intelligence is vital because it provides insights into the TTPs of threat actors and details on how malware behaves. If time, expertise, and resources are constrained, consider leveraging an external service provider to conduct the threat-hunting exercise as an annual consulting engagement.”
Threat Signal provides tailored and proactive security measures through customer-specific intelligence that takes an organization's unique attack surface, business risks, and the latest adversary intelligence or "threat cases" into account. Threat Signal’s additional features and capabilities include:
Deepwatch Experts - Seasoned forensic security experts perform in-depth investigations, identifying threats before they disrupt an organization.
Attack Surface Profiles - These profiles provide a customer actionable report, detailing external opportunity areas that an attacker could leverage against an organization, including high-risk opportunities, mitigation recommendations, and threat hunting leads.
Forensic-Agent-Based Threat Hunting Engagements - Deepwatch’s specialists consistently engage in hunting activities to reveal concealed threats within a company’s infrastructure and provide a threat hunt summary report with detailed observations and any actions that the customer took during that hunt cycle.
Reporting and Reviews - Deepwatch provides customers with reports, including:
Weekly intelligence brief reports on analyzed open-source intelligence with Deepwatch recommendations.
Summary presentations on the solution engagement status, including but not limited to hunting reports.
Up to two executive reviews of the solution and observables per year.
Ad-hoc awareness briefs of security advisories based on Deepwatch threat criteria.
Annual intelligence reports on incident lessons learned and predictions.
Malware Analysis - Deepwatch’s Adversary Tactics and Intelligence (ATI) team analyze collected malware and provide a report.
Enhanced Security - Deepwatch’s MDR customers benefit from cross-collaborative security operations, harnessing advanced threat detection, and hyper-responsive capabilities.
“As security professionals, we look to enhance a company’s security readiness. To do that, it’s critical for them to look beyond their existing security controls to ensure they are identifying and proactively protecting the business from external threats,” said Jerrod Barton, VP, Cyber Operations & Intelligence for Deepwatch. “With Threat Signal, we’re able to help our enterprise customers view their security readiness through the lens of the ‘attackers,’ ensuring that they can rapidly respond to any incoming threats, which in turn helps them elevate their cyber resilience.”
Deepwatch is the leading managed security platform for the cyber resilient enterprise. The Deepwatch Managed Security Platform and security experts provide enterprises with 24/7/365 cyber resilience, rapid detections, high fidelity alerts, reduced false positives, and automated actions. We operate as an extension of cybersecurity teams by delivering exceptional security expertise, visibility across your attack surface, precision response to threats, and a compelling return on your security investments. The Deepwatch Managed Security Platform is trusted by many of the world’s leading brands to improve their security posture, cyber resilience, and peace of mind. Learn more at www.deepwatch.com.
D3 Security | January 08, 2024
D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.
“In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.
D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility.
“D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.”
Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals.
About D3 Security
D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats.
Product or service names mentioned herein may be the trademarks of their respective owners.