EXPERT
OPINION
surrounds us everywhere we go, from
Alexa to Google Home, Nest to smart
speakers – you’d struggle to find a home
that hasn’t incorporated some form of AI.
Beyond our devices, AI recommendation
engines are allowing for highly targeted
(and creepily precise) advertisements
across the web and social media.
Machine Learning and other additions
are also making AI even more intelligent.
This allows AI to monitor anomalies,
perform classification on gathered data
and predict if a user is about to quit a
service, for example.
It is more important
than anything to
secure your devices
and not allow any
active attacks.
and rollback. To adequately defend the
business and adopt cloud, containers,
IoT and more, organisations need
dynamic Artificial Intelligence-driven
(AI) next-generation endpoint protection
platforms that defend every endpoint
against all types of attacks, at every
stage in the threat life cycle without the
need for human intervention.
Why is minimal dwell time so
important and how does your
technology address this?
In our opinion, there is no such thing as
minimal or maximal dwell time, all the
talks about keeping a breach dwell time
under 200 days instead of the average
285 days are pointless. If an attack
takes place and is not detected before it
is launched, we lost.
We address this challenge by not
accepting any dwell time scenarios.
Detection and response are done in realtime.
SentinelOne’s patented technology
links all behaviours and indexes all
activities into a storyline on the agent, in
real-time. Our analysts can hunt faster,
focusing on what matters, instead of
wasting time looking for the needle in
the haystack. Malicious attempts are
prevented in real-time, reducing overall
risk and alert fatigue all too common
with other EDR products.
Are there any emerging trends in
endpoint security of which CISOs
should be aware?
Technology is becoming more and more
disruptive and, as Digital Transformation
continues its march, more and more
trends will emerge – especially
concerning endpoint security. We
believe that further adoption of AI will
continue and will impact the security
sector in various ways. AI already
But with more capabilities comes more
code and with more code comes more
bugs. Coupled with the fact that AI is a
new technology, which as a rule makes
it inherently less secure, it’s easy to see
why cybercriminals are taking advantage
of this problematic new tool.
AI shows no signs of slowing down; it’s
effective and addictive, which is why
we have adopted it with open arms.
Clearly, there’s no going back now.
As defenders, our next step has to be
building the tools, security models and
processes to combat the wave of deep
fakes and beyond, securing a bright
future with AI by our side, not against us.
What advice would you give to
organisations to ensure they
have a comprehensive endpoint
security strategy in place?
Stopping the attack from happening is
just part of the solution, a lot of malicious
files can sit in your system for days and
months and continue exploiting your data
even after a breach is mitigated.
It is more important than anything to
secure your devices and not allow any
active attacks. In the absolute worstcase
scenario, our last reserve is the
rollback function that we offer to our
customers. If your system doesn’t have
the ‘pre-attack state’ back up, your
endpoint cybersecurity infrastructure is
as good as non-existent. u
www.intelligentciso.com | Issue 25
43