Roland Stritt, SentinelOne : "The cybersecurity community needs to work together "
November 2022 by Yelena Jangwa-Nedelec, Global Security Mag
At it-sa, we met with Roland Stritt, SentinelOne’s Area VP for central EMEA. He talked to us about the importance of real time data management and about SentinelOne’s data based integrated platform.
Global Security Mag: Who is SentinelOne?
Roland Stritt: We are based in the US we have more than 2000 employees, around 9000 customers worldwide and we are now public since our IPO last year.
We were founded in 2013 and since then, we’ve changed our approach to endpoint security.
If we take a look at customers today, they have a lot of people, a lot of tools and then they use the data uniquely if something happens. They use data in a cold way, instead of using data in a positive way.
We want to turn it around because today, human power and too many tools are not able to defend enterprises from cyberattacks. Cyber attackers have automatic tools, they use machine learning, artificial intelligence, they’re very smart. The volume of data is really big so if we want to use human power by itself, we are lost.
That’s why we developed an integrated platform to protect endpoints, clouds and identities. It’s a single platform and it’s our own back end. The cybersecurity community needs to work together and we need to share because maybe some people can do some specific things better than we do. We don’t have enough resources to focus on everything, so we want to focus on the thing that we are very good at and cooperate on our open platform, via APIs, with other market leading and technology leading vendors on the market.
We have a so called marketplace and customers are able to got the management interface to open our marketplace and easily connect us with another vendors like Okta or ZScaler or other well known vendors.
GSM: What are you presenting at it-sa?
Roland Stritt: We strongly believe that cybersecurity is a data problem. We think that a cybersecurity vendor today needs to make use of data in real time. We have a lot of data but so far no one uses the data to prevent attacks in real time. When something happens, we take data, we correlate data, we action on data in real time in an autonomous way and the smart thing is it’s an integrated platform with many tools and we give only the relevant events and data to people so that they can look into it. Everything else, everything that we identify is automated. We can automatically stop and prevent what was automatically identified but we give people access to the data that is really interesting and of which they need to take care. In the cybersecurity world, there are not enough resources out there, so you need to be smarter.
We use an integrated tool on the platform to empower people to do their job and to be successful in their day to day work. So we tell people don’t panic, don’t be scared about the continuous growth of threats and events, if you’re checking out the data regularly. So we help them stay on top of the data, so that they don’t feel like the volume is too important because of the continuous growth of threats and events.
GSM: What are your key differentiators?
Roland Stritt: Our back-end and our integrated platform are what makes us different. Data is getting more and more. So we have Scala, to store data in a very efficient manner, fast and for a very long time. We can search even old data from 90 days ago and get results in seconds. That’s quite unique in the industry. That’s what the future will define because there’s gonna be more data, so you need to have the right back-end to deal with all the volume.
We’re an American based company but we also have a big development with 60 engineers in Prag, who work specifically on the needs of our customers and that especially helps EMEA customers, as they have different needs.
GSM: What are your key messages for our readers and for the CISOs?
Roland Stritt: You can’t improve cybersecurity without increasing costs and without implementing more tools. With our platform, we’re able to consolidate products, reduce the number of tools and in that way simplify the cybersecurity set-up and in a highly automated fashion with an open API framework that can easily be implemented in a customer network.