Sentinel One: Interesting Interview w/ CEO

Sentinel One’s CEO, Tomer Weingarten, gives some interesting color in this interview on the security space in general, why Google’s purchase of Mandiant was much more positive than if Microsoft had gone through with that, the nature of AI/ML technology and so forth. I recommend checking it out……


Thanks for posting this as it is worth reading. I agree that the GOOG acquisition was much better for Sentinel. GOOG/Mandiant should continue to be a partner with Sentinel, well let’s hope it continues. Microsoft endpoint Defender is a fine tool and what I use at home. IMO Defender is really for personal PCs and is free with the Windows license. But for commercial deployments, it is very inadequate given the aggressive actors and the sophisticated techniques.

Tomer talks a lot about his AI/ML and XDR capabilities but this is really standard fair if you are in this business. You must have visibility with ML across a lot of data to identify an anomalous behavior. Else you are chasing false positives and wasting human time. Give Sentinel One credit for winning some detection competitions but this does not always mean best in class. It just gives Sentinel One a door invitation. Sentinel also brings in their cloud SIEM and SOAR dashboard. They can integrate their EDR/XDR with other dashboards or offer their own. I would love to get a demo someday and ask questions. The unique Sentinel One technologies that stand out for me are 3 things; lateral movement detection (primary method for bad actors getting to rich assets), automated attack resolution, and their new AD/LDAP special protection capabilities (Ativo recent acquisition). All three of these things are hard to do well. And Kevin Mandia’s endorsement means a bunch to me.

I own S over CRWD because the revenue growth is so exceptional. You cannot argue with numbers. But of course they are losing money so the risk is very high…much higher than CRWD. Sentinel must be effectively competing on technology and price with the tough competition. Any revenue fall off here means I am heading to the door. CRWD should give us some visibility into the IT security market and reports earlier.