IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
SentinelOne to acquire Attivo Networks, bringing identity to XDR
Thu, 17th Mar 2022
FYI, this story is more than a year old

SentinelOne, an autonomous cybersecurity platform company, has announced it has entered into a definitive agreement to acquire Attivo Networks.

SentinelOne plans to extend its AI-powered prevention, detection, and response capabilities to identity-based threats with the acquisition. Under the agreement terms, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOne's upcoming fiscal second quarter, subject to regulatory approval and customary closing conditions.

"The shift to hybrid work and increased cloud adoption has established identity as the new perimeter, highlighting the importance of visibility into user activity," says SentinelOne chief operating officer, Nicholas Warner.

"Identity Threat Detection and Response (ITDR) is the missing link in holistic XDR and zero trust strategies. Our Attivo acquisition is a natural platform progression for protecting organisations from threats at every stage of the attack lifecycle."

According to Gartner, misused credentials are now the top technique used in breaches. And attackers are targeting identity and access management gaps to gain a foothold within trusted environments and advance laterally in pursuit of high-value targets.

"In our breach response engagements, Active Directory (AD) and identity-based attacks are too common," says KPMG national leader, Cyber Response Services, Ed Goings.

"Attackers are aware that AD is the crown jewel of the enterprise controlling end-user entitlement, access, and privileges. Unauthorised AD access grants bad actors the ability to install backdoors, exfiltrate data, and change security policies. I'm excited about Singularity XDR now encompassing identity threat detection and response."

Attivo Networks serves global customers from Fortune 500 companies to government entities, protecting against identity compromise, privilege escalation, and lateral movement attacks.

The two companies say they will deliver comprehensive identity security as part of Singularity XDR for autonomous protection, including:

Identity Threat Detection and Response: Attivo's identity suite delivers holistic prevention, detection, and response. It protects in real-time against credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more supporting conditional access and zero trust cybersecurity.

Identity Infrastructure Assessment: Attivo's identity assessment tool provides instant Active Directory visibility of misconfigurations, suspicious password and account changes, credential exposures, unauthorised access, and more, enabling identity-focused attack surface reduction.

Identity Cyber Deception: Attivo's network and cloud-based deception suite lures attackers into revealing themselves. Through misdirection of the attack with tactics including breadcrumbs and decoy accounts, files and IPs, organisations gain the advantage of the time to detect, analyse, and stop attackers and insider threats.

"We're thrilled to join SentinelOne, the category leader in XDR. Attivo's solutions are a perfect complement, as an XDR with identity protection significantly improves organisational security posture," says Attivo Networks' CEO, Tushar Kothari.

"As the threat landscape evolves, identity remains the central nervous system of the enterprise. Combined with the power of SentinelOne's autonomous XDR, well bring real-time identity threat detection and response to the front lines of cyber defence."

Tomer Weingarten, CEO of SentinelOne, says, "The acquisition of Attivo Networks continues our commitment to defining and delivering autonomous XDR.

"Identity fuses together all enterprise assets, and I see identity threat detection and response as an integral part of our XDR vision. Attivo Networks is the right technology and team to advance our portfolio, complementing our hypergrowth and accelerating enterprise zero trust adoption."