SentinelOne Buys Attivo Networks For $616M

March 16, 2022

SentinelOne has entered into a definitive agreement to acquire Attivo Networks, a leading identity security and lateral movement protection company. With this acquisition, SentinelOne extends its AI-powered prevention, detection, and response capabilities to identity-based threats, setting the standard for XDR and accelerating enterprise zero trust adoption.

Under the terms of the agreement, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOne’s upcoming fiscal second quarter, subject to regulatory approval and customary closing conditions.

“The shift to hybrid work and increased cloud adoption has established identity as the new perimeter, highlighting the importance of visibility into user activity. Identity Threat Detection and Response (ITDR) is the missing link in holistic XDR and zero trust strategies,” said Nicholas Warner, COO, SentinelOne. “Our Attivo acquisition is a natural platform progression for protecting organizations from threats at every stage of the attack lifecycle.”

According to Gartner,1 “misused credentials are now the top technique used in breaches.”

Attackers are targeting identity and access management gaps to gain a foothold within trusted environments and advance laterally in pursuit of high-value targets. “In our breach response engagements, Active Directory and identity-based attacks are too common,” said Ed Goings, National Leader, Cyber Response Services, KPMG. “Attackers are aware that AD is the crown jewel of the enterprise - controlling end user entitlement, access, and privileges. Unauthorized AD access grants bad actors the ability to install backdoors, exfiltrate data, and change security policies. I’m excited about Singularity XDR now encompassing identity threat detection and response.”

Attivo Networks serves global customers from leading Fortune 500 companies to government entities, protecting against identity compromise, privilege escalation, and lateral movement attacks. Together, SentinelOne and Attivo Networks will deliver comprehensive identity security as part of Singularity XDR for autonomous protection including:

Identity Threat Detection and Response: Attivo’s identity suite delivers holistic prevention, detection, and response. It protects in real time against credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more supporting conditional access and zero trust cybersecurity.

Identity Infrastructure Assessment: Attivo’s identity assessment tool provides instant Active Directory visibility of misconfigurations, suspicious password and account changes, credential exposures, unauthorized access, and more enabling identity-focused attack surface reduction.

Identity Cyber Deception: Attivo’s network and cloud-based deception suite lures attackers into revealing themselves. Through misdirection of the attack with tactics including breadcrumbs and decoy accounts, files and IPs, organizations gain the advantage of time to detect, analyze, and stop attackers and insider threats without impacting enterprise assets.

“We are thrilled to join SentinelOne, the category leader in XDR. Attivo’s solutions are a perfect complement, as an XDR with identity protection significantly improves organizational security posture,” said Tushar Kothari, CEO, Attivo Networks. “As the threat landscape evolves, identity remains the central nervous system of the enterprise. Combined with the power of SentinelOne’s autonomous XDR, we’ll bring real-time identity threat detection and response to the front lines of cyberdefense.”

“The acquisition of Attivo Networks continues our commitment to defining and delivering autonomous XDR,” said Tomer Weingarten, CEO, SentinelOne. “Identity fuses together all enterprise assets, and I see identity threat detection and response as an integral part of our XDR vision. Attivo Networks is the right technology and team to advance our portfolio, complementing our hypergrowth and accelerating enterprise zero trust adoption.”