SentinelOne announced the general availability of its next generation container and cloud-native workload protection (CWPP)
offering. The solution is the first to offer fully featured autonomous
Runtime Protection, Detection, and Response for cloud workloads. Purpose
built for containers, SentinelOne's CWPP offering provides the richest
set of capabilities on the market, including advanced runtime
protection, full remote shell to any pod, container kill, and full
remediation to empower security and DevOps teams - all seamlessly within
SentinelOne's Singularity platform.

With this release, SentinelOne extends its XDR platform to introduce full
visibility, detection, response and threat hunting for containerized
workloads using the same console which is used for endpoints and IoT
devices. Deployed seamlessly through popular DevOps tools such as Helm,
the solution delivers SentinelOne's patented Behavioral AI, Static AI,
and autonomous response capabilities across all major Linux platforms,
physical and virtual, cloud-native workloads, and containers - providing
prevention, detection, response, and threat hunting for tomorrow's
cyber threats.

"As organizations embrace the operational efficiency of Kubernetes, they
need a security solution that protects their containerized applications
from unknown malware, zero days and in-memory attacks in real time,
while automatically pinpointing which image and pod was the target,"
said Guy Gertner, VP of Product Management, SentinelOne. "Furthermore,
enterprises need an easy-to-deploy solution that won't slow or interfere
with business processes. We're proud that our container protection
solution, powered by our unmatched behavioral AI models, meets this
critical and growing business imperative."

Fully-Featured Prevention, Detection, & Response
SentinelOne's ActiveEDR allows
security teams to quickly understand the story and root cause behind
threat actors in containerized environments and autonomously respond.
SentinelOne uses Static AI and Behavioral AI models that do not require
baselining for providing runtime security, protecting organizations from
both known vulnerabilities and zero-days.

Full Remote Shell to Pods & Containers
Full
Remote Shell capabilities arm security teams with a rapid way to
investigate threats, collect forensic data, and remediate breaches no
matter where the compromised containers are, eliminating uncertainty and
greatly reducing any downtime that results from an attack.

Complete Container Telemetry for XDR
SentinelOne is the only vendor to extract complete container attributes for
granular awareness and rapid response. Container details include cluster
name, node name, deployment type, pod name, container image name, and
container ID for unprecedented visibility and aggregated Singularity XDR
context. These attributes are all additive to SentinelOne's existing
EDR data categories.

"SentinelOne's Behavioral AI technology has significantly improved how our customers
are able to protect their endpoints. With this new release, they are
bringing the Behavioral AI technology to containerized workloads," said
Dan Thormodsgaard, CTO and Co-Founder, Fishtech Group. "Run-time
protection of workloads is very important as not all app-level
vulnerabilities might be fixed in production systems. SentinelOne's
approach to this problem is unique and very consistent with how they
protect laptops, servers, and virtualized workloads. The autonomous
prevention and remediation provides huge value to our customers."