Feb 20, 2020

SentinelOne and SafeBreach Partner to Drive Continuous Validation of Endpoint Security

SUNNYVALE, CALIFORNIA – February 20, 2020. – SentinelOne, the autonomous endpoint protection company, announced today the release of a seamless integration with SafeBreach, the market leading Breach-and-Attack Simulation (BAS) platform. The integration of SentinelOne’s Singularity platform with the SafeBreach BAS platform empowers Security Operations (SecOps) teams to automate and accelerate the process of breach prevention, detection, remediation, and investigation through intelligent correlation of endpoint-related security data.

This integration is designed to address the most pressing problem facing security teams today – the inability to test and visualize the effectiveness of their security controls’ configurations. According to Gartner, the vast majority of security breaches happen when attackers exploit misconfigured systems or well-documented security flaws in software or hardware. According to Gartner research, 99% of attacks are known and have been for years. The research further found that 97% of breaches are at companies which have already deployed the right controls but simply are not using them correctly.

The SentinelOne and SafeBreach partnership enables organizations to validate security controls for endpoint protections conclusively and continuously. With the integration, SecOps teams gain confidence that the SentinelOne Singularity Platform is deployed correctly and configured optimally, ensuring protection against both the latest threats, as well as misconfigurations caused by human error or changes to an organization’s IT landscape.

SafeBreach simulations automatically pull all relevant incident-related data from SentinelOne. The correlated data is embedded in the simulation results, with a quick link for further investigation on the SentinelOne Singularity Platform. This helps SecOps teams be better prepared to tackle security threats and reduces the overall attack surface through optimizing SentinelOne security controls. Most importantly, SecOps teams using the integration will significantly reduce the time required to close gaps and detect misconfigurations, thereby preventing breaches in the first place.

The joint solution effectively automates the identification of security gaps and configuration mistakes or weaknesses. SafeBreach can also help SecOps teams prioritize security configuration changes based on real business impact using a simple-to-calculate risk estimation engine that ties back to the organizations’ IT (software, hardware, network) components. Through the integration, SafeBreach imports mitigation insights for security controls and configurations directly from SentinelOne. This allows SecOps teams to confidently validate that the SentinelOne Singularity Platform is deployed and configured correctly.

Security Operations teams understand how critical it is to maintain the effectiveness of their security controls, but most lack the tools to accurately determine their security posture,” says Yotam Ben Ezra, VP of Products at SafeBreach. “The integration of SafeBreach and SentinelOne Singularity Platform for complete endpoint protection enables security professionals to continuously test and maintain their deployed endpoint security controls to validate an organization’s security posture against cyber-attacks.

Together SentinelOne and SafeBreach are raising the bar for advanced cybersecurity solutions by offering the most comprehensive attack simulations against and insights into a comprehensive variety of endpoints. With the integration, SecOps teams can simulate thousands of controlled, safe simulations of real world cyber attacks available of the SafeBreach Hacker’s Playbook, which now contains over 10,000 attack methods, broken down by threat groups, tactics or techniques and map those against business risks. This simplifies high-confidence continuous validation of their organization’s endpoint security posture against the broadest range of real-life cyber attacks of any BAS platform.

Bottom line – the unique capabilities of SentinelOne’s Singularity Platform plus the superior coverage and user experience of the SafeBreach BAS deliver the fastest, easiest way to significantly improve your endpoint, IoT, container, and cloud workload facing security posture,” says Guy Gertner, VP Product Management at SentinelOne. “The joint solution enables our differentiated AI powered prevention, detection, response – and even remediation – capabilities to deliver maximum value through continuous and comprehensive security stance validation.


SafeBreach MITRE ATT&CK heat map simulation results based on threat group, tactics and techniques or specific malware type.

Leveraging an intuitive visualization system and heatmaps, SafeBreach enables SecOps teams to see specific endpoint exposures, in real-time, at a glance. The visualization output from the integration aligns with the MITRE ATT&CK framework, streamlining and simplifying work to verify organizational readiness and security posture. The integration also provides an automatic correlation of SafeBreach simulation results with SentinelOne’s real-time endpoint telemetry, delivering enriched context and reporting for end-to-end investigations. In addition, SafeBreach provides easy-to-understand, intelligent guidance on which security gaps to prioritize for remediation and remediation steps.

With the only BAS research team that contributes regularly to ATT&CK, SafeBreach maintains the largest list of attack tactics, techniques and procedures, giving SafeBreach BAS users the broadest and most up-to-date cybersecurity attack simulation coverage on the market today. Thousands of controlled, safe forms of real cyber attacks are available as part of the SafeBreach Hacker’s playbook. With 10,000+ breach and attack methods this playbook is the largest in the industry based on actual attacks, active investigations and cutting-edge research.

At the RSA Conference, SentinelOne will be showcasing the integration at Booth 727 in the South Hall.

About SentinelOne

SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects, responds, and hunts attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility from edge to cloud across the network. To learn more visit sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook.

About SafeBreach

A pioneer in the Breach and Attack Simulation (BAS) market, SafeBreach is the world’s most widely used continuous security validation platform. The patented platform automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container, and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Founded in 2014 by experienced CISOs, hackers, and security entrepreneurs, SafeBreach makes it possible for security teams to invest wisely, protect more and mitigate risk.

Media Contact:

Merritt Group for SafeBreach – [email protected]

Subscribe to
our Newsletter