The latest round of funding from SentinelOne is a significant one, with a valuation that is reportedly nearing $3 billion. The Israeli-founded and Mountain View-based company is backed by top firms including Tiger Global, Sequoia, Insight Partners, Third Point Ventures and Qualcomm Ventures.
The company aims to unify prevention, detection, and response in a single platform powered by artificial intelligence. It uses AI to analyze data from multiple sources in real time, detecting threats before they can take hold.
It can detect malware by analyzing behavior rather than relying on signatures for known malicious code. It is also capable of automatically blocking malware-related attacks and responding with a one-click remediation and rollback function. A feature called Ranger allows security teams to monitor and contain rogue devices that are not managed by the network.
SentinelOne’s products are designed to protect three key security surfaces that attackers are targeting today: endpoint, cloud and identity. The company’s endpoint solutions focus on preventing attacks from spreading to systems that run applications, while its cloud and identity offerings help prevent the theft of information from within the network.
Founded in 2013, SentinelOne has raised $700 million to date. It recently closed a $617 million round that included acquisitions of threat detection platform Attivo Networks and log management and server monitoring tools provider Scalyr.
Attivo’s CEO Tushar Kothari told TechCrunch that the deal will allow the company to keep building on its original vision inside a larger public company without slowing down. He said the two companies were a good match and that this move is aimed at providing customers with more options to manage their logs.
With a mission to deliver autonomous security for endpoint, data center, and cloud environments, SentinelOne has created a multi-vector detection engine that identifies threats through a variety of different approaches. It uses machine learning to ingest and process real-time security data from multiple sources, detecting malicious behaviors in both static and dynamic ways.
The company’s software is based on a single agent that can be deployed both online and offline, and that can be augmented with an optional virtualization module for accelerated performance. It can replace traditional anti-virus (AV) and NTA products, network visibility appliances, and dedicated threat-hunting platforms.
Its AI-based Behavioral Analytics technology can detect and block ransomware, identifying behaviors that may indicate a file-encrypting or password-stealing attack. It can also identify vulnerabilities in systems and automatically patch them, thereby protecting the entire environment from cyberattacks.
For analysts looking for a more advanced and comprehensive way to hunt for suspicious behaviors, SentinelOne supports MITRE ATT&CK Tactics, Techniques and Procedures (TTPs), allowing users to better understand the behavior of their endpoints and to accurately detect anomalous activities. This helps analysts up their game and makes EDR a more satisfying experience from the start.
In addition to a dedicated team of Cyber Security Analysts, SentinelOne offers a guided 90-day onboarding service to ensure that deployment is successful. This includes onboarding and user setup, product overviews and training sessions. It also includes a multi-tiered support program with a defined technical account management (TAM) model ranging from small business to enterprise.