It was a full day here at RSAC, hosted this year at the Moscone Center of San Francisco! Day 2 was filled with many in-depth presentations and training sessions from various cyber leaders in our industry.
To those who’ve already made their way to visit the SentinelOne team at Booth S-626, we’ve loved meeting you! There’s still lots of time to swing by and connect with us over the next two days if you haven’t yet. For those who aren’t with us in person, this post will cover all of the highlights from the day’s activities.
SentinelOne Unveils the Singularity™ Security DataLake
Day 2 of RSAC 2023 saw the team at SentinelOne launch Singularity™ Security DataLake, the most performant cloud-native data solution providing our customers with unparalleled insights into their data across their security ecosystems.
The modern digital landscape is one that is ever-evolving and many organizations face the challenge of reconciling data from multiple sources and formats. These days, enterprises that can master their data and get more value from it are equipped to stay ahead of even the most advanced cyber threats.
Singularity™ Security DataLake enables organizations to uncover threats rapidly and have the power to launch a response in real-time, saving both minutes and cost. It works by combining active orchestration and automation, seamlessly ingesting all data types from any source so customers can work within one cohesive overview.
Security DataLake is powered using new, AI-based anomaly detection capabilities to process data from endpoints, workloads, and users. Effectively protecting cloud workloads to user identities, Security DataLake ensures security teams can proactively identify and stop attacks faster than any human could.
SentinelOne Announces an Integration With Wiz
Security teams should never stand in the way of innovation. Rather, they should be thought of as the guardrails that foster a safe space where big ideas and even bigger results can happen.
This premise – that security teams can and should bolster a business’s innovation engine – is one of the driving forces behind our exclusive and strategic partnership with Wiz, which we first announced last month. For Day 2 of RSAC, we revealed that we have successfully integrated our platforms to empower companies of all sizes, securing their cloud infrastructure and workloads without hampering the speed or agility of their application development teams.
As part of this news, cloud security experts from SentinelOne and Wiz unveiled on the RSAC Expo floor a demonstration of the Wiz-SentinelOne integration. RSAC attendees were among the first members of the public to see the SentinelOne platform actively pulling information from the Wiz platform and using that information to enrich threat details in our Singularity platform.
Upon detecting a cloud threat, our platform could be seen automatically ingesting additional cloud-infrastructure context. The details ingested include vulnerability, permissions, configurations, and more, to enrich our deep, process-level telemetry.
SentinelOne’s Director of Product Marketing, Rick Bosworth, described how this integration boosts the abilities of both Security Operation Centers (SOCs) and threat hunters. “It’s truly complementary and better together,” said Bosworth, who described this integration as ‘the flight data recorder’ for cloud workloads. Singularity Cloud now securely records all the deep, OS-level telemetry that workloads carry out on virtual machines or servers.
During investigative processes, SOC analysts easily ‘rewind the tape’ to see exactly what happened; a process made simpler by our artificial intelligence, which automatically correlates relevant and related processes. Now, threat hunters can easily search this record to look for the earliest indicators of compromise; a key element in being able to proactively harden and improve an organization’s cybersecurity posture.
“With this ‘shift-left, shield right’ combination, security practitioners can make better decisions, faster, to prioritize the highest impact security alerts and keep the cloud innovation engine humming smoothly,” said Bosworth. “Fundamentally, this is about the combination of business agility and security you want, and get right-touch security that does not slow down your innovation engine.”
See how the integration works first hand at the SentinelOne booth (S-626)!
Spotlight Presentation | Debunking Common Myths About Cloud Security
When it comes to cybersecurity and the cloud, myths abound: “The cloud is inherently secure,” “Cloud ransomware only affects large organizations,” or “Cloud ransomware is easy to prevent.” Don’t get us started.
Two members of SentinelOne’s Field CISO team, Senior Director and Global Field CISO Milad Aslaner and Americas Field CISO and Associate Director Mani Keerthi Nagothu, busted the top ten myths we most often hear. At a theater presentation on the Expo floor, they dissected each of these misconceptions to clear the air and give attendees a clear understanding of the reality of cloud security. We have listed each of these myths and their realities below, but encourage any readers at RSAC to stop by SentinelOne’s booth, S-626, to chat in depth with any of our booth team members.
Here are those 10 myths busted:
- Myth: Security is the responsibility solely of the cloud service provider. Reality: Cloud security is a shared responsibility that organizations must also take part in.
- Myth: CWP can exist without a solid EDR foundation. Reality: Cloud EDR is critical because it provides real time threat detection and prevention.
- Myth: Everything required can be achieved with CWP. Reality: CWP is an integral part of a cloud security stack, but does not supersede other technologies like CIEM, CSPM, and data security.
- Myth: CSPM provides us a cloud security platform. Reality: CSPM is another integral part of a cloud security stack, but isn’t a security platform in itself and is no replacement for CWP.
- Myth: CSPM is XDR but for the cloud. Reality: XDR is a security platform. CSPM is not. However, XDR platforms will incorporate CSPM capabilities.
- Myth: CSPM and CWP combined is all I will need to secure my cloud instance. Reality: CSPM and CWP aren’t the only capabilities required in a cloud security stack. Organizations still need the ability to manage cloud identities and entitlements as well as securing their cloud data, network, and applications.
- Myth: CNAPP is the silver bullet that can cover my cloud security needs. Reality: CNAPP technologies can in theory consolidate CSPM, CWP, and CIEM capabilities into one platform, but not all CNAPP solutions are created equal. Organizations need to access the use cases and capabilities before rushing a decision.
- Myth: Data and network security is handled by the cloud service provider. Reality: Your data your responsibility; your network your responsibility.
- Myth: Automated response means loss of control. Reality: Some tasks can be automated, but keep the human in the loop to gain confidence
- Myth: More data yields better detections. Reality: Be strategic. Data lakes can lead to data swamps, data ingestion is hard, and data storage and transport is expensive.
The SentinelOne Booths | Where Innovation, Customer Experience, and Fun Come Together
For those of you who have seen the legendary S1 booth before, we brought it back for RSAC 2023! Our iconic neon purple tree has come to symbolize the intricate yet organized flow of data between all of cybersecurity spaces. From ceiling to floor, the tree shows the movement of data to and from various solutions into one powerful (and, in this case, stunning) platform.
Aside from this, what would a cybersecurity conference be without a little fun? The S1 team was proud to feature a second booth at RSAC (Booth 4417) where we featured our partnership with the Aston Martin Aramco Cognizant Formula One™ Team.
The Aston Martin F1 car, on display just around the corner, and team driver ambassador Jessica Hawkins just may have been the most photographed duo at RSAC. Conference goers posed in front of the car, and were excited to meet Jessica and test their own driving skills on our much-anticipated simulator. In line with SentinelOne’s mission to stay ahead, at least one competitor raced within two seconds of Jessica’s first time (although those results weren’t finalized as of press time!)
That’s a wrap on Day 2 activities, and we’re already looking forward to what Day 3 has in store. Be sure to drop by to see our epic booths yourself and chat with one of our security exports about our newest announcements and integrations. We’ll see you at Booth S-626, or Booth 4417 for a bit of “high-octane” fun!