Gartner Summit 2023 Recap | Maximizing Value In Defense of the Enterprise

Gartner’s annual Security & Risk Management Summit hosted this week drew in more than 4300 attendees – a far larger crowd than recent years. Each year, cybersecurity and risk management leaders from across the globe gather to drive digital change, improve their responsiveness to the threat landscape, and share strategies on how to achieve security excellence.

At this year’s event, many of the conversations centered around how leaders could become proactive business partners, leaning into an offensive pursuit of understanding cyber threats while upkeeping a strong defense.

For those who couldn’t join us in person in National Harbor, Maryland, this post highlights notable takeaways straight from the SentinelOne team on the ground.

“Minimum Effective” | Adopting A Deliberate, ROI-Driven Mindset

Gartner’s Senior Director Analyst, Henrique Teixiera, kicked off the 2023 event by setting a scene all too familiar in today’s threat climate. “Many CISOs are burnt out and feel they have little control over their stressors or work-life balance,” he said. “Cybersecurity leaders and their teams are putting in the maximum effort, but it’s not having maximum impact.” As the cost of cyberattacks continues to climb and threat actors further streamline their tactics, many leaders are readjusting their strategies to maximize cybersecurity’s impact for their businesses.

This year’s keynote introduced the idea of the “minimum effective” mindset – a fundamental shift in how leaders approach ROI and lead cybersecurity into the future. Leigh McMullen, Distinguished VP Analyst at Gartner, explained that this mindset enables “cybersecurity functions to go beyond merely ‘defending the fort’ to unlocking their true potential to create tangible value.” In this frame of thinking, a stronger security practice can be achieved when leaders shed the notion that security teams must give maximum inputs to get maximum impact and value out of their security investments.

Expanding on the topic of value, both keynote speakers busted several myths to illustrate this philosophical shift. One such myth is that more security tools equals better protection. Not true, said the analysts. Instead, having a “minimum effective toolset,” or the fewest technologies required to observe, defend, and respond to threats actually help organizations achieve better protection.

Showfloor Showdown | Seeing SentinelOne’s XDR Combat Real-World Use Cases

Using EDR and XDR technologies, modern enterprises have been empowered to move beyond traditional protection-only tools towards holistic and real-time management across entire digital landscapes. To showcase the power of EDR and XDR platforms, Gartner analysts hosted their first EDR/XDR Showfloor Showdown at this year’s summit event.

The showdown pitted Prateek Bhajanka, SentinelOne Field CISO and former Gartner analyst, in a friendly competition against industry peers from Microsoft and Palo Alto Networks. Prateek demonstrated how the SentinelOne Singularity Platform addresses a set of use cases defined by Gartner analysts. Prateek’s energetic presentation and the powerful capabilities of our platform kept a standing-room only audience engaged to the end.

Session Highlights | Extracting Maximum Value from Current Tools

Global spending on cybersecurity tools numbers in the range of billions per year, but cyber attackers continue to permeate every industry without pause. Facing the reality of shrinking budgets and evolving threats, it is critical for enterprise leaders to extract value from their security tools and make the right investments. This means learning how to leverage the existing potential of their current stacks.

In another packed session, Prateek’s presentation, Make Every Dollar Count: Maximizing Value of Security Investments, provided attendees with actionable information for optimizing the value of existing cybersecurity expenditures and tips for making informed decisions to combat cyber threats while working within limited budgets.

This presentation is now available in an on-demand webinar. Watch here!

Make Every Dollar Count Webinar

The Future of Cloud | Powering Cloud Security With AI

In today’s fast expanding cyber threat ecosystem, artificial intelligence (AI) and machine learning (ML) have become key drivers in automating the processes needed to identify and respond to advanced cyber threats. Designed to learn emerging threat patterns and identify new, malicious behaviors based on existing TTPs, exploits, and malware, AI and ML will continue to transform the security community in ways yet to be discovered.

The SentinelOne booth at Gartner’s summit sought to showcase the spirit of using AI and ML to power modern cloud security strategies. Proud to be at the leading edge of this innovative work, we highlighted the cloud workload protection, real-time detection, simplified automated response, and hybrid cloud unification delivered by Singularity™ Cloud.

With tens of thousands of accounts spread across multiple clouds, modern organizations need the right security defending their cloud infrastructure. Singularity™ Cloud works by extending distributed, autonomous endpoint protection, detection, and response to compute workloads running in both public and private clouds, as well as on-prem data centers.

Learn more about how SentinelOne’s AI-powered cloud security is focused on responding faster and smarter to improve your cloud security plan and fuse autonomous threat hunting, EDR capability, and security together to fit your business.

Theme Recap | Reflecting on “Minimum Effective” For Maximum Value

As more enterprises journey onwards towards digital transformation to get ahead of both cyber threats and business risks, security leaders must act as agents of change to implement the minimum effective mindset across data, technology, cyber expertise, and operational controls.

This theme was carried throughout the various sessions featured at this year’s summit, with several notable ones summarized below:

In a session designed to help security pros understand and prioritize the myriad capabilities and acronyms that make up cloud security “cooking ingredients,” Gartner Senior Director Analyst Charlie Winckless asked the audience, “Is your cloud kitchen in order?” He described what each technology brings to an organization, and when and how to use them most effectively.

Managed Detection and Response (MDR) was also addressed as a key part of the value equation. According to Gartner VP Analyst Pete Shoard, “MDR solutions differentiate on their actionable deliverables and business-driven outcomes,” meaning that the most effective MDR providers work to understand customers’ business needs to deliver only the most relevant deliverables, risks, and outcomes.

Attendees were also asked to check their XDR state of mind when Gartner VP Analyst Chris Silva discussed the path to an XDR architecture. He explained that rich context in XDR relies on multiple tools sharing correlated data for instant consumption by an analyst or playbook. He outlined three paths for organizations with different needs: data integration, process integration, and risk visibility. Each path included elements of value whether through tool consolidation, data prioritization based on cost, or integration and optimization.

How SentinelOne’s Singularity XDR Drives Maximum Value

The Singularity XDR Platform empowers security teams with a more efficient way to protect their business’ critical data and assets against today’s sophisticated threats. By unifying extended detection and response capabilities across security layers including endpoint, cloud, identity, network, and mobile, security teams can automate response across their technology stack and gain end-to-end visibility for maximum value.

Singularity XDR is trusted by customers worldwide who aim to approach cybersecurity from a faster, more autonomous angle. Across any digital or analog surface, Singularity XDR:

  • Ingests native and third party endpoint, cloud, and identity telemetry
  • Correlates related events automatically across an entire ecosystem
  • Analyzes and proactively hunts from any source within the same console
  • Streamlines operations with custom detections and automated responses
  • Resolves threats anywhere in a tech stack by taking informed, orchestrated action


This years’ summit has been another one for the books and the incredible turnout has bolstered SentinelOne’s resolve to keep innovating, investing, and pushing for a safer future. We’d like to thank Gartner for hosting this value-driven event where cybersecurity vendors, presenters, and customers alike were able to share their insights and new ideas on how to better our approach to both proactive and defensive security.

To learn more about how SentinelOne can help protect your organization, contact us or book a demo and see our value-driven security offerings first hand.