SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Ivanti and SentinelOne partner on patch management solution
Thu, 4th Aug 2022
FYI, this story is more than a year old

Ivanti and SentinelOne have announced they have joined forces to help organisations adopt a comprehensive, risk-based approach to patch management and bolster cybersecurity against cyber threats, including ransomware attacks.

Ivanti and SentinelOne will integrate their technologies Ivanti Neurons for Patch Management and SentinelOne's Singularity XDR platform to deliver vulnerability assessment, prioritisation, and remediation at machine speed.

According to the companies, at present patch management remains a significant challenge for many organisations. Security and IT teams often struggle with mapping vulnerabilities to software updates, patch lag, fragmented processes, diverse technology stacks and disjointed teams.

According to a recent Ivanti survey, 71% of IT and security professionals said they find patching to be overly complex, cumbersome and time consuming. On top of this, 53% said that organising and prioritising critical vulnerabilities takes up most of their time.

As a result, many security and IT teams only patch new vulnerabilities or those that have been disclosed in the National Vulnerability Database (NVD). Yet this can lead to enterprise security gaps that allow threat actors to wreak havoc, as the NVD currently misses over 20% of all common vulnerabilities and exposures.

Unpatched application and OS vulnerabilities remain one of the most prominent attack vectors exploited by hackers. Attackers have been able to weaponise vulnerabilities faster than ever before and target the weaknesses that create maximum disruption and impact.

This partnership is focused on enabling organisations to harden endpoints, improve cyber hygiene, and reduce attack surfaces by quickly detecting vulnerabilities and remediating those weaknesses, enterprise-wide, in a single click.

The integrated Ivanti and SentinelOne solution will provide security and IT teams with context and adaptive intelligence regarding what their organisations exposures are to vulnerabilities that are being actively exploited, including whether those vulnerabilities are tied to ransomware, and then enable them to quickly remediate those threats.

Together, Ivanti and SentinelOne will help enterprises to greatly reduce the mean time to detect, discover, remediate, and respond to cyber threats, particularly critical vulnerabilities linked to or associated with ransomware.

Ivanti president and chief product officer Nayaki Nayyar says, “We are excited to partner with SentinelOne to help organisations bolster cyber hygiene and better defend against cyber attacks.

"Our AI-based Ivanti Neurons for Patch Management solution can identify enterprise exposures and active threats, provide early warnings of vulnerability weaponisation, predict attacks, and prioritise remediation activities.

"Plus, we offer agent-based and agent-less patching, and support for a broad-based catalogue of over 350 enterprise applications. These advanced capabilities greatly improve the efficiency and effectiveness of security and IT teams in assessing and deploying security patches and combatting weaponised vulnerabilities used by cyber adversaries.

Nicholas Warner, president security at SentinelOne, says, “Autonomous vulnerability assessment and remediation is a necessity amid the uptick in cyber attack sophistication and volume.

"Singularity XDR helps organisations automate cybersecurity across endpoint, cloud, and identity. In partnership with Ivanti, we deliver an autonomous, risk-based approach for cybersecurity to our customers. Security teams benefit from automation so they can continuously identify vulnerability exposure and remediate those risks at machine speed.

Mark Stevens, senior vice president and general manager strategic alliances, Ivanti, “The SentinelOne Ivanti partnership is a great example of how Ivanti works with world-class cybersecurity ISVs to deliver patch management to their customers.

"We are delighted to forge this relationship with SentinelOne and bring automated patching to SentinelOne customers and partners. It is another validation of the robust set of endpoint security solutions we offer to ISVs looking to strengthen their own solutions by leveraging our APIs and SDKs for patch management, discovery, remote control, application control and device control.