The new dawn of End Point Protection - Passport by Exclusive

Roberto NARETTO Technical Director CTO rnaretto@exclusive-networks.com +39.347.0569.515

Post on 29-May-2020

TRANSCRIPT

Page 1: The new dawn of End Point Protection - Passport by Exclusive · – Driven by mobility and IoT megatrends –number of endpoints rapidly increasing The Opportunity – Only 50% of

Roberto NARETTO, Technical Director – rnaretto@exclusive-networks.com, +39.347.0569.515

Page 2:

The new dawn of End Point Protection

Page 3:

EXTINCTION WARNING: AntiVirusaurus

Page 4:

…and AV Vendors Know It

Page 5:

The Edge of Extinction: Legacy AV Will Be Wiped Out!

Desktop antivirus is a dinosaur – about to become extinct!

> Traditional antivirus and network-based solutions have proven to be ineffective

> 25-50% of threats are being missed

> Detection is half the battle

Market dominated by legacy vendors

> No innovation

> No credibility - 44% of customers using AV/EPP… have been compromised! (Gartner)

> Too easy for advanced attacks to go unnoticed

> Too slow to detect and react

Enterprises must ‘break the habit’ of buying legacy AV

> Only 43.8% of endpoint security spending was deemed ‘effective’ with just 14% representing a ‘big win’ for the organisation (SANS Institute)

> Endpoint security is the TOP priority for CIOs/CISOs in 2016!

Page 6:

Top Priority Concern for CIOs

81% of CIOs ranked End Point Security as their Top Priority in 2016

(Piper Jaffray, 2016 CIO Survey)

Page 7:

Pushing the AntiVirusaurus to Extinction

Shaking up the market

> For the first time: an alternative to legacy AV

> Address evolution of known and unknown advanced threats

> Offer better protection, detection and reaction in a single package

> Price-competitive with legacy solutions, but a far greater margin opportunity

Market disruption opportunity from SMB to large enterprise

> Replacing legacy AV

> Offer EPP & EDR tools in 1 solution (AV & Forensics)

> Superior to other ‘next-gen’ endpoint protection solutions

Other next-gen solutions ‘complement’ legacy AV – they don’t replace it!

> No other next-gen offering provides a complete solution

> Sandboxing has become too easy for attackers to detect and evade

Page 8:

Evolution is Inevitable

The Market

– $6bn a year today and growing strongly

– The endpoint is the new perimeter

The Challenge

– Known threats are not the problem

– Exploited too easily by targeted attacks/advanced threats

– CIOs need to protect business reputation through prevention and remediation

The Strategy

– 81% of CIOs ranked it as their BIGGEST spending priority for 2016

– Driven by mobility and IoT megatrends – number of endpoints rapidly increasing

The Opportunity

– Only 50% of threats are getting blocked

– Today’s Threat Landscape is much more than file-based malware

– Today’s endpoint protection stuck in the Jurassic Age: still based on 1980s technology!

Page 9:

Industry Certifications

Founded: January 2013

Employees: 95

Headquarters: Palo Alto, CA

R&D: France, Israel

Funding: $39.5M (Accel Partners, Third Point Ventures, Tiger Global Management, Granite Hill Capital Partners)

Customers: 100+ (Technology, Financial, Media, Energy)

Founding Team: Tomer Weingarten (CEO), Almog Cohen (CTO), Ehud Shamir (CSO)

SentinelOne’s leadership brings decades of deep cybersecurity expertise developed at Israeli Defense Force (IDF) Intelligence Branch.

Page 10:

SentinelOne Customers

“SentinelOne is bringing major innovation to endpoint protection.”

— Doug Shean

Senior Vice President, CITI

Page 11:

SentinelOne & Netflix

Page 12:

Real-Time, Unified Endpoint Protection

SentinelOne is a next-generation endpoint protection company that delivers real-time detection, prevention and remediation of advanced threats in a single platform.

Complete visibility into all endpoint activity without any performance drag

Dynamic behavior analysis to detect threats across all major vectors

Fully automated threat mitigation and remediation

Certified Antivirus replacement

Visionary: 2016 Magic Quadrant for Endpoint Protection Platforms

Page 13:

The Endpoint is the New Perimeter

Endpoints are primary targets.

This is where sensitive data lives.

Endpoints are your organization’s weakest link.

Endpoint platforms are diverse, and often drift from standard configuration with frequent exposure to unsecured networks.

Page 14:

AV is no Match for the New Threat Landscape

Malware

• Ransomware, trojans, worms, backdoors

• File-less / Memory-based malware

Exploits

• Document-based exploits

• Browser-based exploits

Live Attacks

• Script-based: PowerShell, PowerSploit, WMI, VBS

• Credentials: credential-scraping, Mimikatz, tokens

Page 15:

Endpoints are Vulnerable to Multiple Attack Vectors

MALWARE

Executables

• Ransomware

• Trojans

• Worms

• Backdoors

File-less

• Memory-only malware

EXPLOITS

Documents

• Office Doc Exploits

• Adobe Macros

• Spear-phishing e-mails

Browser

• Drive-by Downloads

• Flash, Java

• iframe/html5, plug-ins

LIVE/INSIDER

Scripts

• PowerShell

• PowerSploit

• WMI, VBS

Credentials

• Credential Scraping

• Mimikatz

• Tokens

Page 16:

Effective Endpoint Protection Needs to Address the Entire Advanced Threat Lifecycle

Pre-Execution

• Prevention + Whitelisting / Blacklisting

On Execution

• Dynamic Malware Detection

• Dynamic Exploit Detection

Post-Execution

• Mitigation

• Remediation

• Forensics

Page 17:

Today’s Enterprises Face 3 BILLION Attacks

Legacy Threats BLOCKED: 50%

Advanced Threats DETECTED: 25%

Advanced Threats UNDETECTED: 25%

Traditional, AV-based Protection

Sandboxing Solutions

“Next-Generation” Endpoint Security

Page 18:

Predict Malicious Behavior

Lightweight, Autonomous Agent

Continuously monitors all low-level activity on the endpoint device, online or offline

Dynamic Behavior Tracking

Predicts how attacks unfold against context of normal application behavior

Real-Time Forensic Analysis

360-degree views of threat behavior, with Attack Storyline

Page 19:

Rapidly Eliminate Threats

Zero-Touch Mitigation

Policy-based; covers all endpoints for decisive incident response

Robust Containment

Stops lateral threat movement by disconnecting the device from the network

Full Remediation

Reverses malware-driven file modifications

Page 20:

Seamlessly Adapt Defenses

Cloud Intelligence

Extend protection by leveraging threat intelligence from select reputation services

Auto-Immunization

Notify all Agents on the network when a new threat is detected

Page 21:

SentinelOne Benefits

Superior detection of advanced threats without performance overhead

Automated threat mitigation at machine speed

Visualize attacks with real-time forensics

Seamlessly adapt against the latest threats

Lower TCO by up to 5x over multi-solution approaches

Protect user endpoints and data center servers with a single platform

Easily deployable across enterprise-scale environments

Page 22:

Optimizing Endpoint Protection with SentinelOne

Endpoint Protection Platform

Pre-Execution

• Static Prevention + Whitelisting / blacklisting

On Execution

• Dynamic Malware Detection

• Dynamic Exploit Detection

Post-Execution

• Mitigation

• Remediation

• Forensics

Unified Approach

• Single lightweight agent

• Single management console

• Fewer FTEs

• Reduced TCO

Multi-Solution Approach

• Multiple agents

• Multiple management consoles

• More FTEs

• > 4x TCO of SentinelOne

EMET

Page 23:

Best-in-class Next-Generation Endpoint Protection

Certified

SentinelOne is a certified replacement for Antivirus

PCI DSS 3.1

HIPAA

Proven

Our customers include:

The #3 cloud hosting provider

The #1 retailer

The #1 internet television network

The #1 online travel chain

The #2 financial exchange

Recognized

Visionary - 2016 MQ for Endpoint Protection Platforms

Page 24:

Visionary: 2016 Gartner MQ for Endpoint Protection Platforms

“SentinelOne is the only vendor in this analysis that includes full EDR-type functionality in the core platform. SentinelOne is a good prospect to replace or augment existing EPP solutions for any company looking for a fresh approach and integrated EDR…”

Address evolution of known and unknown advanced threats

Offer better protection, detection and reaction in a single package

Pure Player – Built for purpose

Page 25:

SentinelOne

Page 26:

Next Steps

For more info, check out our collection of resources:

sentinelone.com/resources

Page 27:

Videos & Tutorials

Page 28:

S E N T I N E L O N E

Page 29:

Roberto NARETTO, Technical Director – rnaretto@exclusive-networks.com, +39.347.0569.515