Security vendors
SentinelOne and
Horizon3.ai both gained FedRAMP authorization, enabling them to sell their AI-powered products and services to federal agencies.
SentinelOne said this week that its Purple AI automated SecOps tool, Singularity Cloud Security CNAPP (Cloud Native Application Protection Platform), and Singularity Hyperautomation no-code automation offering all obtained high-impact level authorization.
For its part, Horizon3 said its NodeZero Federal platform uses AI to allow organizations to autonomously scan, find, and fix weaknesses in their attack surface and then verify the effectiveness of those fixes.
Getting the FedRAMP High authorization is an important step for cybersecurity vendors who want to work with the government. It ensures that the technology has passed the most rigorous standards for handling sensitive government data in cloud environments. The authorization not only allows the vendors to sell to government agencies but also organizations in the public sector, defense industrial base (DIB) and critical infrastructure sectors that have increasingly been targeted by threat groups aligned with foreign adversaries such as China, Russia, and Iran.
Delinea, a specialist in identity security, this month also confirmed initiating
the FedRAMP High authorization process for its Secret Service platform, a Privileged Access Management (PAM) solution.
For SentinelOne, its Purple AI, Singularity Cloud Security platform, and Singularity Hyperautomation are the latest products accepted into the FedRAMP program. In September 2024, the Mountain View, California-based company, announced that its two other AI-based cybersecurity services, SentinelOne
Singularity™ Platform and
Singularity Data Lake, were authorized.
'Power of Unification'
“As a former CISO in the federal government, I know firsthand the security – and budget – challenges agencies face as they work to modernize legacy systems, manage growing cloud environments, and respond to mounting cyber threats,”
Ronald Ringgold, field CISO for the public sector at SentinelOne,
said in a statement, adding that the company is delivering the “power of unification” with its solutions.
That unification includes Purple AI’s natural language queries and threat hunting to accelerate threat detection and response, and streamline investigations through prioritized alerts, quick starts, and recommended next steps. The CNAPP spans everything from autonomous threat detection and response to discovering unprotected cloud workloads to proactively detecting exploitable risks. The no-code hyperautomation enables rapid design, testing, and deployment of SecOps workflows with no need for advanced programming or knowledge needed.
Investing in AI
Like most cybersecurity vendors, SentinelOne is quickly incorporating AI into every aspect of its portfolio. Earlier this week,
the company announced its investment arm, S Ventures, was putting money into Theom.ai, a startup with an AI-based data operations center (DOC) platform.
“In today’s AI-powered enterprise, data has become both the crown jewel and the weakest link,”
Rob Salvagno, senior vice president of corporate development and head of S Venture,
wrote in a blog post. “At SentinelOne, we’ve long believed in defending the modern enterprise with autonomous, AI-driven solutions that secure every edge of the attack surface.”
Expanding Its National Security Reach
The FedRAMP authorization isn’t Horizon3.ai’s first step in the government. The company is a partner in the National Security Agency’s (NSA)
Cybersecurity Collaboration Center (CCC) program, through which DIB suppliers use NodeZero to act as nation-state adversaries to test cyber defenses to find weaknesses that can then be fixed.
Horizon3.ai co-founder and CEO
Snehal Antani said in a
statement that the San Francisco-based vendor’s “roots are in national security, and with cyber warfare evolving at an unprecedented pace, we’re committed to improving the cyber resilience of the nation’s digital infrastructure, with support for secret and top-secret systems as our next major focus areas.”
MSSPs Also Win
The benefits of such FedRAMP authorizations do cascade down to their MSSPs and other channel partners, according to
Kevin McGrail, cloud fellow and principal evangelist with
Google Cloud security partner
DitoWeb.
“When a product gets FedRAMP authorization, the vendor gets the imprimatur that the product is pretty secure,” McGrail told MSSP Alert. “This can open up opportunities in other sectors that are not federal agencies, including states and private sectors – such as the financial sector – for MSSPs and partners to explore. It helps a lot if security is a big concern.”
Depending on the go-to-market strategy, the authorization might not mean much to MSSPs that don’t provide services because they may not be able to sell the licensing, he said. In a case like SentinelOne’s, the vendor might already be dealing directly with agencies or selling through the General Services Administration (GSA) or large distributors that have government divisions, like SHI and Carahsoft.
However, “the distributors like SHI do not have the expertise to plan, implement, and maintain the products,” McGrail said. “The vendor might have their own partner program as well, and even a gov-specific partner ecosystem. MSSPs should consider partnering with the vendor and the distributors.”
