Welcome Reeny Sondhi, our new Chief Trust Officer at SentinelOne 💜 📄 Reeny’s resume: ● More than 25 years of experience leading enterprise-scale transformation across cybersecurity, AI, data, and technology ● Senior leadership roles at Twilio, Autodesk, and Dell Technologies — most recently serving as the Chief Digital Officer at Twilio ● Recognized as one of San Francisco Business Times’ 100 Most Influential Women in Bay Area Business in addition to being a passionate advocate for inclusive leadership ➡️ What Reeny will lead at SentinelOne: ● Strengthening the trust, resilience, and security that underpin everything we deliver ● Advancing transparency, accountability, and responsible leadership across our operations ● Ensuring we continue to operate at the highest standards of security, reliability, and customer confidence This is another major step forward for our customers, partners, and our mission to build the future of AI security. Welcome to SentinelOne, Reeny 🔥
👇 SentinelOne's Juan Andres Guerrero-Saade (JAGS) together with former FBI deputy director Andrew McCabe on CNN discuss the "currency of crime" and the harrowing Guthrie ransom case 💡 📺 Watch - https://lnkd.in/g3RkTMTb
🏆 Behind every great partner ecosystem is a visionary leader. Congratulations to Brian Lanigan for being recognized as one of the The Channel Company's 50 Most Influential Channel Chiefs. As our SVP and Global Head of Partner Ecosystem, Brian’s leadership is defined by a "power of many" mindset. Over the last year, he spearheaded the launch of our PartnerOne Program and drove powerful momentum across our global MSP channel. This recognition is a testament to Brian's vision for a more secure, AI-driven future for the entire channel. Join us in celebrating his achievements. Learn more: https://lnkd.in/dxA7yFQA
Reuters Exclusive: "The research, carried out jointly by SentinelOne and Censys... offers a new window into the scale of potentially illicit use cases for thousands of open-source LLM deployments. These include hacking, hate speech and harassment, violent ... content, personal data theft, scams or fraud, and in some cases child sexual abuse material, the researchers said.” AI industry conversations about security controls are "ignoring this kind of surplus capacity that is clearly being utilized for all kinds of different stuff, some of it legitimate, some obviously criminal," Juan Andres Guerrero-Saade (JAGS) tells Reuters’s AJ Vicens. Guerrero-Saade likened the situation to an "iceberg" that is not being properly accounted for across the industry and open-source community. Read the full article: https://s1.ai/LlamaReut Read the original research by Gabriel Bernadett-Shapiro and 💻 Silas Cutler: https://s1.ai/si-llama
🚨 Geopolitics shifting fast, ransomware at startup speed, and AI going autonomous: This is the January edition of our Code Purple newsletter. 🚨 In this issue, we break down the latest in cybersecurity so you can stay informed and protected: 🔥 Cybersecurity 2026 Forecasts: AI, adversaries, and global change 🧠 Inside the LLM: How prompt injection actually works 📊 LLMs in the SOC (Part 1): Why benchmarks fail real security ops 🎧 How the World Got Owned: A new podcast series on hacking history 🏛️ GovRAMP High Authorized: AI-powered Singularity built for state + local government 🧩 AI Coding Assistants + Supply Chain Risk: Dependency hijack via “skills” and plugins Read the full newsletter and start 2026 ahead of the curve in cybersecurity.📩 https://www.linkedin.com/pulse/new-year-smarter-security-whats-next-sentinelone-8he6c
Modern cloud security isn’t just about infrastructure anymore — it’s also about securing AI where and how AI-related work actually gets done. CRN recognized SentinelOne as one of the 20 coolest cloud security companies of 2026, highlighting our cloud-native platform and expanding AI security capabilities. SentinelOne ensures you have visibility into and protection against data exposure across 15,000+ AI services. Cloud. AI. Security. Built for where threats are going, not where they’ve been. Learn more: https://s1.ai/Cld100-26
LLM security benchmarks look impressive. They’re also misleading. Our team identified five issues: • Most benchmarks treat security as a series of isolated, multiple-choice questions. In reality, security work is a complex, multi-step workflow involving pivoting and context-switching. • Models are tested on isolated tasks in controlled environments as opposed to live workflows • “Reasoning” gains observed in math and code don’t transfer to analyst-level thinking • Benchmarks are increasingly using LLMs to grade other LLMs, often from the same model family. This creates a self-referential "black box" of evaluation that is easy to game but hard to trust. • Operational metrics like time-to-detect and time-to-contain are absent These limitations matter because benchmarks are increasingly used to justify real SOC automation decisions. If we are going to trust AI with SOC automation, we must move beyond static scoring systems. Passing an exam is not the same as running an incident to ground. If AI is going to sit inside the SOC, we need evaluations that reflect real pressure, messy data, broken telemetry, and human judgment 📘 LLMs in the SOC (Part 1): Why Benchmarks Fail Security Operations Teams Read the research from Gabriel Bernadett-Shapiro and Edir Garcia Lazo and see what today’s benchmarks crucially miss. https://s1.ai/benchmk1
This is the week in cyber. This is SentinelOne’s Good, Bad & Ugly cyber news roundup. ⬇️ ✅ GOOD: Enforcement pressure hits fraud rings, hacker forums, and critical logistics • Spanish authorities arrested 34 suspects linked to the Black Axe group, and face charges for fraud including business email compromise and MiTM attacks across Europe. • The BreachForums hacking forum suffered another blow after its database was leaked, exposing details tied to roughly 324,000 accounts — weakening underground anonymity and raising the risk of identification for users. • A Dutch hacker was sentenced to seven years in prison for breaching IT systems supporting the ports of Rotterdam and Antwerp, with activity linked to attempted extortion and facilitating criminal operations. ⚠️ BAD: “Reprompt” shows how AI copilots can be hijacked for silent data theft • Researchers revealed an attack technique dubbed Reprompt that could allow adversaries to hijack a Microsoft Copilot session and trick it into exfiltrating sensitive data through prompt manipulation. 🤢 UGLY: PLUGGYAPE malware turns trusted messaging apps into a covert attack channel • Ukraine’s CERT-UA reported PLUGGYAPE malware operations targeting defense-linked victims, with attackers using Signal and WhatsApp as part of the delivery and interaction chain. Follow us for weekly GBU with practical defenses leaders can act on: https://s1.ai/GBU9-Wk3
Prompt injection isn’t magic — it’s math. In this technical primer from SentinelLABS, Phil Stokes breaks down exactly how attackers exploit the gap between human semantics and machine statistics. LLM attacks aren't just “prompt injection.” They are exploits of how Transformer-based models process input — from BPE tokenization quirks to gradient-based manipulation of attention. Understanding what happens inside the LLM when attacks work is the first step to defending against them. Read the full analysis: https://s1.ai/inside-llm-1
Last month, in our 2026 cybersecurity forecast, SentinelLABS warned that a US–Venezuela flashpoint would spill into cyber and information operations, pulling in Russia, China, and Iran. A few days later, real-world events underscored how quickly those pressures can surface and reshape the threat environment. This is what our intelligence-led security research focuses on: - Tracking geopolitical pressure before it escalates or ruptures - Modeling cyber fallout before it hits networks - Calling the shape of conflict — not just reacting to it Swipe through the rest of the forecasts that could shape this year. Read the full report: https://s1.ai/Predictns
