SentinelOne’s Diwakar Dayal on how it is helping businesses not only observe but prevent and deflect security threats in real-time.
Diwakar Dayal, Managing Director & Country Manager, SentinelOne, India & SAARC, speaks with ET Insights on how it is helping enterprises secure their most valued asset: data. Edited excerpts:
Q. There are many security players in the market with a plethora of solutions. How are you creating a space in this market? What is your USP?
Around two decades back, cyber security players provided solutions based on a specific threat. We saw signature-based solutions, which functioned as a ‘band-aid’, coming into being to protect against virus attacks. Then we had the emergence of new adversaries like focused cyber cartels or the dark web who started to use sophisticated attack methods that led us to embrace cloud-based security solutions.
The pandemic has changed all this. Users are the new corporate perimeter; they could be at office or home or any location. Data is floating between different devices and accessed from everywhere. All this combined has led to an exponential increase in the threat landscape, and traditional cybersecurity approaches have failed to address the problem.
What we have brought into the market is a platform that can fight machines against machines. We provide an AI-powered automation platform called Singularity XDR. It gives users real-time visibility and cross-platform correlation to hunt threats in real-time.
The platform ensures that threats like ransomware are defeated without dependencies on signature-based or cloud security solutions. The biggest challenge for most organisations is business resiliency. If there is an attack, we can help businesses recover with a single click within a matter of seconds. This is our USP.
Q. Yes, security programs are shifting from a prevention to a resilience strategy. Often, we see that several infections get through endpoint security offerings that are focused more on detection and response. This frustrates business users. How are you addressing this?
The frustration is justified. Our platform can detect, recover, and remediate without human intervention. We believe that we are at the forefront to stop attacks, no matter where they originate from, what they look like, and even if they are occurring for the first time. The solution understands in real-time whether there’s an anomaly.
Q. From what you have shared, will it be right to say that the platform understands in real-time where there is an anomaly without relying on any prior knowledge?
The SentinelOne solution is a single lightweight agent that understands all the past attack patterns. It is akin to having a DNA memory of attacks of the past 20-25 years and of attacks that have not been seen before.
We have two primary engines viz. the static and the behavioral. These engines are well-trained and do not slow down business applications.
Our technology has helped flip the balance of power back to the CISOs or the defenders. This means that one can use artificial intelligence (AI) as a force multiplier because adversaries are already using it to their own advantage. We must reduce human dependency dramatically for the detection, prevention, and management of alerts as this model has failed.
Q. Why has this model failed? Can you substantiate this with an example?
I will give an interesting fact. Most of the attacks usually occur between Friday evening and midnight and not on a Monday morning. The reason is that we, as humans, are the most vulnerable during the end of the week. Most importantly, the A team which manages the security during the prime time is replaced by the B team that takes over for the weekend. The adversaries know this. To be able to defend irrespective of which team is present, the tools need to be autonomous to not just detect and prevent, but remediate, in real-time.