Insights from SentinelOne's first customer conference, OneCon23

Earlier in the month I had the chance to attend OneCon, SentinelOne’s first ever customer conference in Boca Raton, Florida. This event was a pleasure to be at, not least as the Florida weather in November is considerably better than what we’re accustomed to in London.

The SentinelOne partnership is very important to the Noetic team. It was one of the first integrations we developed, bringing their high-fidelity endpoint, cloud and network telemetry into the Noetic platform. Since then, we’ve continued to partner together and innovate and were delighted to be among the early portfolio companies in the SentinelOne S Ventures investment fund, a fantastic recognition of our novel approach to the attack surface and exposure management problem.

As a long-standing SentinelOne technology partner, it made perfect sense for us to sponsor the first inaugural customer conference. I had the opportunity to attend alongside our Chief Revenue Officer, Mike Rogers.

Key Highlights from OneCon23

The event itself was a great success, with more than 490 SentinelOne partners and customers from all over the world in attendance. It was great to have the opportunity to engage with security leaders from the SentinelOne customer base and to hear the latest developments from the SentinelOne leadership and product team.

There were some fantastic talks at the event, from eminent speakers at CISA, Forrester Research, Google Cloud (Mandiant) and more, and I was really engaged by Malcolm Gladwell’s keynote. His talk emphasized that what we do is about ‘trust’ not ‘technology’, which is an important fact for us all to remember.

It is also exciting for me personally and the Noetic engineering team to see future opportunities to deliver more customer value around the innovations coming for the Singularity™ Platform. Outside of the significant announcement of the new AI assistant, Purple AI, and the launch of the new risk & advisory group with cyber industry leaders Chris Krebs and Alex Stamos, there were three principal areas that caught my attention, these were:

  • New Identity & Vulnerability Exposure capabilities coming to Singularity Endpoint.
  • A major enhancement to SentinelOne’s cloud security offering, with an agent and agentless Cloud Native Application Protection Platform (CNAPP) and a new integration between Singularity™ Cloud Workload Security and Snyk.
  • Singularity Data Lake, a central, unified solution for security and IT analytics.

The Synergy Between Noetic and SentinelOne

Looking at these different innovations, I can see clear areas of synergy for the Noetic team to build upon and extend the value of our joint deployments with SentinelOne customers worldwide.

First, we will continue to extend our support for Singularity Endpoint, adding greater support for the different identity and vulnerability insights that the SentinelOne agent is collecting. We recently updated our connector to include vulnerability and application risk data. The extensible data model that is at the heart of the Noetic platform makes it simple for us to update and add additional use cases, allowing customers to ask increasingly complex questions about their exposure.

SentinelOne’s additional cloud security investment is also well aligned to our roadmap. A critical customer benefit is Noetic’s ability to give them an integrated view into potential exposures and cyber risk across different cloud environments, unified with their on-premises footprint. The concept of exposure management is about looking beyond vulnerabilities to cover cloud misconfigurations, unprotected datasets and other ‘unpatchable’ exposure, Noetic is well positioned to deliver against that vision.

Finally, it is great to see the innovation that SentinelOne is bringing in consolidating security and log data across Security Information and Event Management (SIEM), Extended Detection Response (XDR), and Log Analytics solutions. Noetic can help SentinelOne customers to manage this transition through our ability to provide context and insights based on the different data sources in use.

We can help to identify which SIEM, XDR or Log Management tools have different perspectives of differing log sources currently, during transition and into operationalization. This helps to shorten time to value from these investments and assist security teams in managing a transition effectively, ensuring they meet their key control metric of excellent coverage of systems sending data to security detection infrastructure.

Looking Forward to OneCon24

For Mike and I, our time spent at OneCon23 in Florida was incredibly valuable. From hearing how customers are getting value out of their investment in SentinelOne today, to also to getting a glimpse of the impressive innovation that the SentinelOne team are delivering now and in the near future. We’re excited about continuing to partner with the team and look forward to showcasing more at OneCon24 in Las Vegas.

Craig Roberts presenting Noetic to an attendee at OneCon

To learn more about our joint initiatives with SentinelOne, check out our joint solutions brief: XDR & CAASM to Achieve Greater Security Coverage.