SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit sentinelone.com.
Join security experts from KuppingerCole Analysts and SentinelOne to help you get an understanding of what eXtended Detection & Response (XDR) really is, and why you should consider this emerging technology in your enterprise security stack.
John Tolbert, Director Cybersecurity Research at KuppingerCole, and Marko Kirschner, Director of Sales Engineering Central Europe at SentinelOne, will define XDR, including which technical components are necessary for distinguishing XDR from Endpoint Detection & Response (EDR), and how XDR differs from Security Orchestration Automation & Response (SOAR).
They will also discuss why XDR is an important and useful amalgamation and evolution of security tool sets, the use cases it solves, and where it should fit on organizational security technology roadmaps.
In the digital era, as businesses become increasingly reliant on IT, a potentially devastating cyber-attack or other type of disruptive cyber incident is inevitable. Being prepared is the single most effective action that those responsible for information security can take.
The traditional paradigm of investing in protection against known threats alone has been declining over recent years, as attackers become more adaptable and capable. Combine this with increased threats and attacker ingenuity, and it is small wonder that a CISO’s role has become more complex. This leads to the inevitability of a security incident where the complex environments and inventive attacks collide.
This presentation looks at three fundamentals:
Why traditional protective approaches are no longer effective enough.
How complexity has made the CISO’s ability to respond more difficult.
The importance of automation in the response process to address this paradigm shift CISOs now face.
The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown significantly. These Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection (EPP) products. EDR tools also perform evaluation of threat intelligence, event correlation, and often allow interactive querying, live memory analysis, and activity recording and playback.
The traditional approach forces enterprises to deploy multiple additional security solutions – EPP, EDR or NDR among them – to try and close remaining gaps, leading to even higher strain on security analysts. Facing response times of hours if not days, companies turn to managed services that rely on the scale of the cloud to reduce the load but introduce additional operational and compliance challenges.
What if there were a modern alternative to hoarding security tools, relying instead on a single unified platform with a single endpoint agent to perform all those functions, not just reducing the overall complexity but closing the remaining gaps for malware to slip through? What if such a platform were able to work without the need to reach out to the cloud, decreasing the time to detect and mitigate a threat to seconds instead of hours?