Interview: SentinelOne’s Tomer Weingarten on the Future of Mobile Endpoint Security
Tomer Weingarten is the CEO and co-founder of SentinelOne. The company provides next-generation endpoint security to assist organizations in protecting their devices from a range of attacks. Because mobile endpoints are an increasingly popular target for cyber attacks, businesses must be prepared for whatever the future of mobile security brings. With five years of experience at SentinelOne, Weingarten was able to provide insight into what the future of mobile endpoint security will bring.
How important is visibility across attack surfaces?
Visibility across attack surfaces is critical for an end-to-end, enterprise-wide security program – seeing is the first step to protecting. If we only look myopically at one attack surface in isolation, for example, the network with a firewall, we miss the bigger picture and our overall security posture suffers. Gaining visibility across the entire estate is key to understanding the inherent risks facing devices, groups, and users.
Based on your partnership with Lookout, it seems that the ability to preemptively detect threats is imperative. Is this a capability you expect to be offered by more providers in the near future?
Preemptively detecting threats through the use of predictive technologies such as AI and ML are hallmarks of next-gen technology solutions. At SentinelOne, we fortify our protected endpoints with static AI and behavioral AI models to gain maximum efficacy against the broadest array of vectors known to the endpoint. Lookout’s Mobile Risk Index has the broadest datasets across mobile apps and devices as well as network and web vulnerabilities, specifically tailored to mobile threat variants. Their datasets working in conjunction with and further fueling our static and behavioral AI models creates a uniquely powerful protection for mobile endpoints.
I do believe that more providers will attempt to be much more predictive in the near future because it is simply the best way to protect endpoints and the way of the future. However, in order to do predictive analysis properly, you need extremely high-quality datasets and time to train models. Both of these things are key blockers and barriers for newcomers. Predictive technologies take time to soak in the wild, it’s not something you can just flip the switch on. This is why building a model that’s deployable at scale in the world’s leading and complex enterprises is no easy feat.
Do you believe the trend of attackers targeting mobile devices heavily, rather than desktops, will continue in the future? Why or why not?
There is a trend of mobile devices being increasingly more targeted than in years’ past. However, I don’t see this coming at the expense of attackers still going after laptop, desktop, server, and cloud endpoints. Mobile as a surface is more crucial to everyday computing and productivity than ever before; and as such, it’s relevance rises from an attacker’s perspective.
With that said, if you look at the numbers, mobile is still dwarfed by the millions of new malware variants created daily for non-mobile endpoints. An attacker’s favorite attack vector is the one that works, and they are simply looking for vulnerabilities regardless of whether the endpoint is desktop, server, or mobile. That is why our partnership with Lookout is so important, because of the trend of an increase in mobile threats and the vulnerability of that attack surface. Couple that with customers wanting a holistic solution to manage the security posture of all endpoints in uniform fashion and that’s where we can really make a huge impact.
In the coming years, do you believe the deployment of endpoint security solutions will increase significantly?
Today, endpoint security solutions are already commonplace in enterprises and SMBs and I don’t necessarily see deployments increasing. However, I see WHAT is being deployed changing dramatically. In the past, it was legacy AV solutions that required many vendors and many agents. In fact, the average enterprise would run more than 8 agents on their endpoint in the name of cybersecurity. Today, with next-gen solutions like SentinelOne, we can drastically reduce that number with consolidated capabilities in our single-agent approach to EPP, EDD, and more. I also see the mobile threat defense space growing in importance, with more enterprises seeking to actively protect their mobile fleet. To that end, I expect that over time we will see the deployment of mobile threat defense solutions rise.
How can enterprises combat the growing complexity of cyber attacks?
Fundamentally, it is critical that they stay updated with cutting-edge, predictive technologies and run a thorough patch management program. This will keep the hygiene of the endpoint as clean as possible with up-to-date programs which is the backbone of defense. Bad actors are efficient and fast operators so predictive technologies are really the only way to keep up. Whether it’s SentinelOne’s static AI or proprietary behavioral AI — or Lookout’s threat models from 150MM mobile devices — challenge your organization to test new technologies, evaluate integration capability, and choose something that will make ongoing management easy and flexible for your organization of today and tomorrow.