Customer Story: SentinelOne - Guarding Inboxes Against Compromise
Learn why SentinelOne uses Armorblox to protect their organization from targeted email attacks and reduce false positives created by Google email security.
The Customer
SentinelOne is the industry leader in autonomous cybersecurity. They provide cybersecurity across the entire attack surface: endpoints, containers, cloud workflows, and IoT (Internet of Things) devices. SentinelOne is trusted by customers worldwide, including 4 of Fortune 10 & hundreds of the global 200 enterprises.
The Challenge
As a leader in cybersecurity, SentinelOne needed the best solution to safeguard their end-users' inboxes against targeted email attacks, such as BEC, vendor fraud, and phishing. In addition, they were experiencing troublesome issues with Google Workspace spam filters. Google was flagging legitimate emails as spam, resulting in a disruption to their business response time and workflows. In addition, manually removing these false positives from spam created additional work for their security team, who was already inundated with security busywork.
SentinelOne needed an email security solution that could stop the high volume of targeted attacks that were bypassing their Google Workspace security, would free up time for their security team, and could resolve issues they were experiencing with Google spam filters. Armorblox was the answer.
The Solution
Armorblox cloud-delivered mail security platform.
The Armorblox platform connects seamlessly over API and Armorblox Advanced Threat Prevention solution provides sophisticated protection against targeted email attacks like Business Email Compromise (BEC), impersonation, account takeover, vendor fraud, and phishing attacks. With Armorblox, SentinelOne is able to protect its 1,000+ end users from these types of attacks.
Armorblox’s Safe Email Detection in Spam feature can easily review and correct errors made by Google**,** such as incorrectly labeling safe emails as spam. User-specific and organizational behavior models undo the damage done by email provider spam filters that trap genuine internal emails and disrupt business workflows. This feature resolved SentinelOne’s issues with Google pulling in legitimate and essential emails to their spam filters.
The Armorblox platform automates the triage of malicious emails into threat categories (e.g. phish URL in mail body, payment fraud), which minimizes the need for custom policy setup and upkeep. Armorblox provides highly effective protection against a wide range of targeted email attacks - whether they have malicious links, unknown links, or no links at all.
Easy-to-consume threat insights are provided for every email and detected threats - such as socially engineered and BEC attacks - are automatically remediated based on pre-configured actions (delete, quarantine, lock account). These actions are easily configured by the security team and automatically get applied across similar threats; saving time and allowing security teams to focus energy and resources on the threats that need human review.
The Benefit
Armorblox provides SentinelOne with the technology to stay protected and secure, without having to drastically change their behaviors in order to keep security top of mind. It supplies their team with deeper insights into the types of email-based threats reaching their users and a view into their most targeted employees.
Protection against targeted email attacks and reduced disruptions to business workflows
Armorblox provides highly effective protection against socially engineered attacks that can bypass native email security controls.
Sridhar Yelgireddy, the Head of Global IT Infrastructure at SentinelOne, was pleased with Armorblox’s ability to protect his organization from targeted email attacks. As a leader in the cybersecurity industry, it was important that internally, they had the best protection possible.
“We need the best of the best security tools to protect our email, and we picked Armorblox.”
– Sridhar Yelgireddy, Head of Global IT Infrastructure at SentinelOne
Sridhar was also relieved to find a solution that could solve the issues they were experiencing with Google Workspace’s spam settings:
“We were using Google Workspace for our email. Google had their own protection and filtering mechanisms, which we couldn’t change or customize. We continued to have some threats coming through [Google’s] filtering and also having a lot of false positives, like some of the genuine emails being filtered into spam folders.”
Streamlined security operations and reduction of manual, repetitive work
Eliminating the need for repetitive work, Armorblox easily finds and remediates malicious emails across hundreds of users' inboxes with just one click. As a busy security team, SentinelOne was looking for a solution that is effective, utilizes state-of-the-art technology, integrates well with its existing tools, and extends the team’s bandwidth. Armorblox is able to provide this value and be that ‘set it and forget it’ email security solution that SentinelOne requires:
“[Armorblox] is easy to deploy, implement, and then protects from social engineering. It starts protecting your email in hours, compared to traditional security gateways taking days and weeks to deploy, and probably sometimes months to get into production.” - Sridhar Yelgireddy, Head of Global IT Infrastructure at SentinelOne
With Armorblox connected to their user-reported phishing mailbox, malicious attacks are automatically remediated without the need for human investigation or manual work. This directly benefits security teams with a 75-97% reduction in phishing remediation time.
According to Sridhar,
“Armorblox is low-to-no maintenance. Actually, once deployed, it takes care of the environment, integrated well with our SOC and SIEM tools and the time we are saving on the complaints we receive from users, I would say that we have saved probably 50% of a full-time employee.”
Watch the full video below to learn why Sridhar Yelgireddy believes,
“Partnering with Armoxblox for our email security is the best decision I’ve taken, and it’s absolutely a yes to go with this solution.”