SentinelOne unveils cloud data security products for Amazon S3, NetApp

SentinelOne, the autonomous cybersecurity company, recently unveiled its cloud data security product line, featuring two products: threat detection for Amazon S3 and threat detection for NetApp. 

The company said these “high-speed malware detection” solutions are specifically tailored to protect organizations that use Amazon S3 object storage and NetApp file storage from evolving malware threats in their cloud environments and enterprise networks.

SentinelOne asserts that the latest offerings further strengthen the company’s Singularity Cloud product family, complementing SentinelOne’s existing cloud workload security product line. 

This expansion aims to give customers the ability to detect, investigate and proactively mitigate threats across a diverse range of cloud environments, including public, private and hybrid clouds.

Malware on the Move

As businesses increasingly adopt cloud-based solutions, they become more susceptible to sophisticated malware attacks. To address this pressing challenge, SentinelOne said it is intensifying its focus on cloud capabilities and embracing a modern approach to protecting cloud storage and workloads from malware.

The new threat detection for NetApp and Amazon S3 products can automatically scan every file added to these two storage platforms for file-borne and zero-day malware, detecting and quarantining malicious files in real time.

“Adversaries are generating increasingly sophisticated malware attacks using generative AI, and as reported by the cloud providers themselves, cloud storage is an increasingly used delivery channel for delivering them,” Ely Kahn, vice president of product management, cloud security, and AI/ML products at SentinelOne, told VentureBeat. “Our cloud data security products bring AI-powered threat detection to cloud storage, enabling businesses to automatically detect malware hiding within it in a modern way.”

According to Kahn, many cloud data protection solutions rely solely on signature-based approaches. In contrast, he said, SentinelOne adopts a hybrid approach, using both signature and non-signature-based methods driven by the companies proprietary AI detection engines. 

Additionally, the platform includes a unique “protect mode,” empowering customers to configure automatic quarantine for malicious files and objects, a feature lacking in competitors’ products that only offer a detect mode.

“Our new products can scan new files/objects in milliseconds, and our customers tell us we are three times faster than anything else they have tested,” Kahn told VentureBeat. “While many competitors require customer data to be pulled into their cloud environment to be scanned, we ensure no customer files/objects never leave their cloud environment, supporting privacy and data sovereignty needs.”

Leveraging AI to detect cloud threats in real time

SentinelOne emphasizes that the cornerstone of its new security products lies in their proprietary Static AI engine. Unlike traditional methods, this AI engine does not rely on signatures for malware detection. 

The company explained that the AI engine has undergone extensive training on hundreds of millions of malware samples, enabling it to adeptly detect unknown malware, including malware linked to zero-day exploits.

The engine also possesses a native understanding of typical attributes found in malware files.

Cloud security operations have historically been segregated from a company’s overall security operations. Kahn asserts that as companies gain a better understanding of cloud security, they aim to consolidate all threat management, including for both cloud and data-related threats, into a unified process.

Kahn said the company collaborated closely with NetApp and Amazon Web Services to ensure seamless integration of SentinelOne’s offerings with the storage solutions, resulting in an optimal combination of security and performance for their shared customers.

“The reconfigurability capabilities allow customers to decide whether they want threat detection coverage across all their S3 buckets or just certain ones in certain accounts. Customers can also decide if they want some accounts or buckets configured in protect mode and others in detect mode,” he explained. “If there are certain buckets with highly sensitive operational workloads, the customer can configure those with detect mode and all others with our protect mode.”

Kahn asserted that the solutions represent a significant step forward in SentinelOne’s mission to help customers prevent tomorrow’s attacks today, but that they are just a first step.

“AI is going to supercharge the threat landscape, and we will continue to leverage it to deliver additional cloud workload security and cloud data security products that organizations can use to detect and prevent the spread of malware across their cloud environments and enterprise networks, as they emerge with machine speed,” Kahn told VentureBeat.