Under the terms of the agreement, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOne’s upcoming fiscal second quarter, subject to regulatory approval and customary closing conditions.

 

“The shift to hybrid work and increased cloud adoption has established identity as the new perimeter, highlighting the importance of visibility into user activity. Identity Threat Detection and Response (ITDR) is the missing link in holistic XDR and zero trust strategies,” said Nicholas Warner, COO, SentinelOne. “Our Attivo acquisition is a natural platform progression for protecting organizations from threats at every stage of the attack lifecycle.”

 

According to Gartner, “misused credentials are now the top technique used in breaches.” Attackers are targeting identity and access management gaps to gain a foothold within trusted environments and advance laterally in pursuit of high-value targets. “In our breach response engagements, Active Directory (AD) and identity-based attacks are too common,” said Ed Goings, National Leader, Cyber Response Services, KPMG. “Attackers are aware that AD is the crown jewel of the enterprise - controlling end user entitlement, access, and privileges. Unauthorized AD access grants bad actors the ability to install backdoors, exfiltrate data, and change security policies. I’m excited about Singularity XDR now encompassing identity threat detection and response.”

 

Attivo Networks serves global customers from leading Fortune 500 companies to government entities, protecting against identity compromise, privilege escalation, and lateral movement attacks.

 

Together, SentinelOne and Attivo Networks will deliver comprehensive identity security as part of Singularity XDR for autonomous protection including:

  • Identity Threat Detection and Response: Attivo’s identity suite delivers holistic prevention, detection, and response. It protects in real time against credential theft, privilege escalation, lateral movement, data cloaking, identity exposure, and more supporting conditional access and zero trust cybersecurity.
  • Identity Infrastructure Assessment: Attivo’s identity assessment tool provides instant Active Directory visibility of misconfigurations, suspicious password and account changes, credential exposures, unauthorized access, and more enabling identity-focused attack surface reduction.
  • Identity Cyber Deception: Attivo’s network and cloud-based deception suite lures attackers into revealing themselves. Through misdirection of the attack with tactics including breadcrumbs and decoy accounts, files and IPs, organisations gain the advantage of time to detect, analyze, and stop attackers and insider threats without impacting enterprise assets.

Read the official press release here.