3 min

Four months after acquiring PingSafe, SentinelOne has integrated it into its own platform. Singularity Cloud Native Security is a CNAPP (Cloud Native Application Protection Platform) that uses, among other things, the Offensive Security Engine developed by PingSafe.

SentinelOne’s acquisition of PingSafe, which we published an extensive story about last January, marked a big step for SentinelOne in cloud security. Today at RSA Conference, the company announced that it has integrated CNAPP into its own platform. The new functionality goes by the name Singularity Cloud Native Security.

With Singularity Cloud Native Security, SentinelOne now has an agentless solution to protect customers’ cloud environments, alongside its agent-based offerings. What makes this solution special is that it was built by a group of people, with former CEO Anand Prakash as the figurehead, who look at cloud security from a hacker’s perspective.

From Attack Path to Exploit Path

PingSafe’s and now Singularity Cloud Native Security’s objective is not so much to identify as many vulnerabilities as possible, but rather to find those that are actually dangerous. This deals with the fundamental difference between Attack Paths and Exploit Paths. The latter are the most important to find, as those are the routes that attackers actually take to get into an organization’s cloud environment. Attack Paths only add unwanted noise to the situation.

As a world-renowned white hat ethical hacker, Prakash certainly has the authority to talk about why many cloud security offerings focus on the wrong things. He started ethical hacking before 2010, initially for fun, then to make some extra money from it and later to set up PingSafe.

SentinelOne Singularity Cloud Native Security, as already indicated, is an agentless CNAPP and simulates attack methods. The result of these simulations is a list of exploitable vulnerabilities. Security teams can work with this so that the issues are fixed before real hackers take advantage of them. Initially, by the way, this was not an easy pitch to potential customers, we hear from Prakash. After all, it meant “attacking” their environments. However, these doubts disappeared fairly quickly when he was able to show very clear results right away.

Mind you, Singularity Cloud Native Security is not just PingSafe’s offering in a purple SentinelOne jacket. Says Prakash, “Singularity Cloud Native Security is already much better than PingSafe was when we sold it to SentinelOne. It is much more scalable, thanks to changes to the underlying architecture. The platform has otherwise stayed the same, though.”

Offensive Engine

At the foundation of PingSafe and thus SentinelOne Singularity Cloud Native Security is the Offensive Security Engine. Through this engine, the attack simulation takes place. The insights fed back are free of false positives, is the idea. After all, only actually dangerous attack routes are identified. These have already been deployed by the Offensive Security Engine for a simulated attack. It also takes into account the size of the risk, allowing security experts to prioritize urgent issues.

The new agentless component is part of the Singularity platform. Singularity Cloud Native Security is there primarily for detection purposes. However, that is not enough, SentinelOne also realizes. Ultimately, prevention is even better than detection, no matter how quickly it occurs. To that end, SentinelOne has the necessary other components on offer. These use an agent and can quickly jump in at the moment an attack needs to be repelled. As Prakash puts it when we speak to him, “if the Offensive Engine simulates an attack, the runtime agent can immediately take action and shut down the attack route.”

Cloud Native Security is available immediately in North America. We currently have no information on availability elsewhere. As soon as we hear more about that, we will update this post.