Cybersecurity Vendors SentinelOne and Horizon3.ai Gain FedRAMP Authorization
Cybersecurity companies SentinelOne and Horizon3.ai have received FedRAMP authorization, allowing them to sell their AI-powered cybersecurity solutions to federal agencies. This authorization is a significant step for cybersecurity vendors looking to work with the government, as it ensures their technology meets rigorous standards for handling sensitive government data in cloud environments.
SentinelOne’s Authorized Products
SentinelOne’s Purple AI automated SecOps tool, Singularity Cloud Security CNAPP (Cloud Native Application Protection Platform), and Singularity Hyperautomation no-code automation offering have all obtained high-impact level authorization. These products are designed to enhance threat detection, response, and investigation through AI-driven solutions. Purple AI allows for natural language queries and threat hunting, while the CNAPP provides autonomous threat detection and response, discovers unprotected cloud workloads, and proactively detects exploitable risks. The no-code hyperautomation enables rapid design, testing, and deployment of SecOps workflows without requiring advanced programming knowledge.
Horizon3.ai’s NodeZero Federal Platform
Horizon3.ai’s NodeZero Federal platform uses AI to autonomously scan, identify, and fix weaknesses in an organization’s attack surface. The platform then verifies the effectiveness of these fixes. This capability is particularly valuable for organizations in the defense industrial base (DIB) and critical infrastructure sectors, which are increasingly targeted by threat groups aligned with foreign adversaries.
The FedRAMP authorization benefits not only the vendors but also their MSSPs (Managed Security Service Providers) and other channel partners. According to Kevin McGrail, cloud fellow and principal evangelist with Google Cloud security partner DitoWeb, this authorization can open up opportunities in other sectors beyond federal agencies, including state and private sectors where security is a significant concern.
Impact on MSSPs and Channel Partners
For MSSPs, partnering with vendors like SentinelOne and distributors that have government divisions can be beneficial. While the authorization may not directly impact MSSPs that don’t provide services, it can enhance their offerings and credibility in the market. As McGrail noted, distributors like SHI lack the expertise to plan, implement, and maintain these products, creating an opportunity for MSSPs to add value.
The FedRAMP authorization for SentinelOne and Horizon3.ai underscores the growing importance of AI-powered cybersecurity solutions in the government and critical infrastructure sectors. As cybersecurity threats continue to evolve, the role of AI in enhancing security measures becomes increasingly crucial.
Related Developments
Other companies are also moving towards FedRAMP authorization. Delinea, a specialist in identity security, has initiated the FedRAMP High authorization process for its Secret Service platform, a Privileged Access Management (PAM) solution. This move indicates the ongoing efforts in the cybersecurity industry to meet the stringent security requirements of the government sector.
In conclusion, the FedRAMP authorization for SentinelOne and Horizon3.ai represents a significant advancement in the integration of AI-powered cybersecurity solutions in the government and related sectors. It highlights the industry’s move towards more sophisticated and autonomous security measures to counter evolving cyber threats.
