SentinelOne this week announced it is acquiring PingSafe to add a cloud-native application protection platform (CNAPP) to extend its cybersecurity portfolio of offerings that are infused with artificial intelligence (AI).
Ely Kahn, vice president of product management for cloud security and AI/machine learning, said PingSafe provides SentinelOne with a CNAPP that, with the addition of agents developed by SentinelOne, will be capable of protecting more assets versus rival platforms that only alert cybersecurity teams that there is an issue that needs to be resolved.
The PingSafe CNAPP currently addresses everything from cloud security posture management (CSPM) to vulnerability and secrets scanning. In addition, PingSafe has developed a penetration testing capability that enables cybersecurity teams to mimic offensive attacks against the IT environments.
SentinelOne plans to integrate the telemetry data that the PingSafe CNAPP collects with the data lake it developed to house the telemetry data collected via the agent software it uses to apply AI to data, workload and endpoint security as an alternative to signature-based antivirus (AV) software. The company is also making available in beta a Purple AI service through which it will make generally available later this year generative AI capabilities to augment cybersecurity teams.
The ultimate goal is to create a closed-loop framework based on the Singularity platform SentinelOne provides to both identify and remediate cybersecurity issues in real-time via a single integrated platform, said Kahn. In effect, the next generation of CNAPP will finally live up to the promise of actually protecting IT environments, he added.
In general, CNAPPs are gaining traction as organizations look to rationalize the number of disparate cybersecurity tools they rely on today. In addition to reducing the total cost of cybersecurity, a platform-centric approach also makes it simpler to correlate threats and events versus requiring cybersecurity teams to navigate tools that have disparate user interfaces. In addition, CNAPPs also provide the framework through which the telemetry data needed to train AI models can be aggregated.
It’s not clear at what rate organizations are migrating to CNAPPs, but there are already plenty of options. The decision concerning which CNAPP to standardize on will vary, but all of them will rely to varying degrees on a mix of agents and agentless techniques to automate cybersecurity processes at a time when the overall size of the attack surface that needs to be protected continues to exponentially increase.
The challenge is that, in the absence of being able to find and afford the expertise required to combat those threats, there needs to be more reliance on machines to augment existing staff. The issue many organizations will initially encounter is simply ensuring they have the funding required to transition to a more platform-centric approach to cybersecurity.
In the meantime, cybersecurity teams should expect that attacks are only going to increase in volume and sophistication in the months ahead. Cybercriminal syndicates and nation-states, compared to the average enterprise, have access to almost unlimited resources. The only way to effectively combat those threats is to rely more on platforms that hopefully will reduce the odds that today are heavily stacked against most cybersecurity teams.
Recent Articles By Author