Cybersecurity firm SentinelOne has acquired Attivo Networks in a $616.5 million deal, bolstering its extended detection and response (XDR) platform with enhanced identity-based threat protection. The acquisition aims to address the growing $4 billion identity security market and provide a more comprehensive zero-trust framework. According to SentinelOne CEO Tomer Weingarten, the integration of Attivo’s user-centric identity capabilities will significantly enhance the company’s cybersecurity offerings, particularly in the critical identity parameter of enterprise security.
The acquisition brings together Attivo’s advanced identity threat detection and response capabilities with SentinelOne’s XDR platform. Attivo’s platform, used by over 300 customers including Fortune 500 companies and government entities, features agent-based identity protection, identity infrastructure assessment, and identity-based vulnerability scanning. Weingarten highlighted that this integration will support a more robust zero-trust framework, a security model gaining prominence following the Biden administration’s executive order on cybersecurity.
Industry Context and Impact
The deal underscores the growing importance of identity security in the cybersecurity landscape. Forrester analyst David Holmes noted that enterprise identity plays a critical role in the zero-trust world now mandated by various government regulations. While Attivo was known for its deception technology, SentinelOne was particularly interested in its Active Directory protection portfolio.
This acquisition is part of a larger trend in the cybersecurity industry where XDR vendors are expanding into identity protection. CrowdStrike, another major XDR vendor, has also made significant moves in this space, including acquiring Preempt in 2020. The acquisition is expected to close in SentinelOne’s fiscal second quarter of 2023.
Implications for Deception Technology
The acquisition also raises questions about the future of standalone deception technology. Holmes observed that while deception tech was innovative, it struggled to gain independent traction. The trend of larger vendors acquiring deception technology suggests that these capabilities are being integrated into broader security platforms. For security decision-makers, this means evaluating how deception technology can be paired with key security domains like identity protection.
As the cybersecurity landscape continues to evolve, the integration of Attivo’s capabilities into SentinelOne’s XDR platform is likely to create a more comprehensive security solution for enterprises, particularly in the critical area of identity security.