Share this article on:
Ivanti and SentinelOne have partnered up aiming to encourage organisations to adopt a comprehensive, risk-based approach to patch management.
To bolster cyber security against cyber threats and ransomware attacks, Ivanti and SentinelOne are integrating their technologies. In order to deliver vulnerability assessment, prioritisation, and remediation at machine speed, the companies are integrating Ivanti Neurons for Patch Management and SentinelOne's Singularity XDR platform.
Currently, patch management remains a significant challenge for many organisations according to both companies, explaining that security and IT teams often struggle with mapping vulnerabilities to software updates, patch lag, fragmented processes, and diverse technology stacks due to disjointed teams.
In a recent Ivanti survey, 71 per cent of IT and security professionals stated that they find patching to be overly complex, cumbersome and time consuming. On top of this, 53 per cent of respondents revealed that organising and prioritising critical vulnerabilities takes up most of their time.
Many security and IT teams only patch new vulnerabilities or those that have been disclosed in the National Vulnerability Database (NVD) as a result.
This can lead to enterprise security gaps that allow threat actors to wreak havoc, as the NVD currently misses over 20 per cent of all common vulnerabilities and exposures.
Ivanti president and chief product officer Nayaki Nayyar explains that the company's AI-based Ivanti Neurons for Patch Management solution has the capability to identify enterprise exposures and active threats, provide early warnings of vulnerability weaponisation, predict attacks, and prioritise remediation activities.
"Plus, we offer agent-based and agent-less patching, and support for a broad-based catalogue of over 350 enterprise applications.
"We are excited to partner with SentinelOne to help organisations bolster cyber hygiene and better defend against cyber attacks.
"These advanced capabilities greatly improve the efficiency and effectiveness of security and IT teams in assessing and deploying security patches and combating weaponised vulnerabilities used by cyber adversaries," Nayyar said.
One of the most prominent attack vectors exploited by hackers are unpatched application and OS vulnerabilities. Attackers have been able to weaponise vulnerabilities faster than ever before and target the weaknesses designed to create maximum disruption and impact.
The new partnership is focused on enabling organisations to harden endpoints, improve cyber hygiene, and reduce attack surfaces by quickly detecting vulnerabilities and remediating those weaknesses, enterprise wide.
The integrated Ivanti and SentinelOne solution will be designed to provide security and IT teams with context and adaptive intelligence regarding what their organisation's exposures are to vulnerabilities that are being actively exploited, including whether those vulnerabilities are tied to ransomware, and then enable them to quickly remediate those threats.
Autonomous vulnerability assessment and remediation is a necessity, according to Nicholas Warner, president, security at SentinelOne, amid the uptick in cyber attack sophistication and volume.
"Singularity XDR helps organisations automate cyber security across endpoint, cloud, and identity.
"In partnership with Ivanti, we deliver an autonomous, risk-based approach for cyber security to our customers.
"Security teams benefit from automation so they can continuously identify vulnerability exposure and remediate those risks at machine speed," Warner said.
Mark Stevens, senior vice president and general manager, strategic alliances at Ivanti, added that the new partnership is a great example of how Ivanti works with cyber security ISVs to deliver patch management to their customers.
"We are delighted to forge this relationship with SentinelOne and bring automated patching to SentinelOne customers and partners.
"It is another validation of the robust set of endpoint security solutions we offer to ISVs looking to strengthen their own solutions by leveraging our APIs and SDKs for patch management, discovery, remote control, application control and device control," Stevens said.
[Related: Taiwan government websites hit by cyber attack prior to Pelosi visit]