FedRAMP Authorization for SentinelOne and Horizon3.ai
Security companies SentinelOne and Horizon3.ai have successfully achieved FedRAMP authorization, allowing them to market their AI-driven products and services to federal entities. SentinelOne announced that this week, its Purple AI automated SecOps tool, Singularity Cloud Security CNAPP (Cloud Native Application Protection Platform), and Singularity Hyperautomation no-code automation solution received high-impact level authorization. Similarly, Horizon3.ai introduced its NodeZero Federal platform, leveraging AI to enable organizations to autonomously scan for vulnerabilities in their attack surface, address them, and validate the efficacy of their fixes.
Importance of FedRAMP High Authorization
Obtaining FedRAMP High authorization is crucial for cybersecurity vendors aiming to collaborate with the government. This certification confirms that the technology meets stringent standards for managing sensitive government data within cloud environments. With this authorization, vendors can not only sell to government agencies but also expand their reach to organizations in the public sector, defense industrial base (DIB), and critical infrastructure areas increasingly targeted by foreign threat groups like China, Russia, and Iran.
Delinea’s Pursuit of FedRAMP High Authorization
Delinea, an identity security specialist, has also announced its initiation of the FedRAMP High authorization process for its Secret Service platform, a Privileged Access Management (PAM) solution. For SentinelOne, recent products added to the FedRAMP program include Purple AI, Singularity Cloud Security platform, and Singularity Hyperautomation. This follows the September 2024 announcement of its prior AI-based cybersecurity services, SentinelOne Singularity™ Platform and Singularity Data Lake, achieving authorization as well.
Unified Security Solutions
Ronald Ringgold, field CISO for the public sector at SentinelOne, highlighted the “power of unification” offered by their solutions, reflecting on the security and budgetary challenges faced by agencies in modernizing legacy systems and managing complex cloud environments. Purple AI aids in threat detection and response by allowing natural language queries and threat hunting, facilitating streamlined investigations through prioritized alerts and recommended action steps. The CNAPP encompasses capabilities from autonomous threat detection to identifying unprotected cloud workloads.
Investment in AI Technology
As is common among cybersecurity companies, SentinelOne is rapidly integrating AI into its entire portfolio. Earlier this week, SentinelOne’s investment arm, S Ventures, announced funding for Theom.ai, a startup focusing on an AI-based data operations center (DOC) platform. According to Rob Salvagno, senior vice president of corporate development at SentinelOne, the firm is committed to using autonomous, AI-driven solutions to secure multifaceted attack surfaces in contemporary enterprises.
Horizon3.ai’s Commitment to National Security
The FedRAMP authorization marks another milestone for Horizon3.ai in its engagement with government initiatives. The company collaborates with the National Security Agency’s (NSA) Cybersecurity Collaboration Center (CCC), allowing DIB suppliers to utilize NodeZero for identifying and rectifying vulnerabilities. Co-founder and CEO Snehal Antani emphasized their dedication to bolstering the nation’s digital infrastructure in the face of evolving cyber warfare, focusing on secret and top-secret systems as critical areas for advancement.
Impact on MSSPs and Channel Partners
The benefits derived from FedRAMP authorizations extend to Managed Security Service Providers (MSSPs) and other channel partners. Kevin McGrail of Google Cloud security partner DitoWeb noted that FedRAMP authorization provides validation of a product’s security, potentially unlocking opportunities across various sectors beyond federal agencies. Although certain MSSPs that do not provide services may find limited relevance in the authorization, partnering with vendors and distributors can maximize the advantages of these certifications.
