VentureBeat Q&A: CrowdStrike’s Michael Sentonas on importance of unifying endpoint and identity security

VentureBeat recently sat down (virtually) with Michael Sentonas, president of cybersecurity technology leader CrowdStrike, to gain insights into the security challenges organizations of all sizes face. We talked about securing endpoints and identities, the future of AI in cybersecurity and the importance of consolidating security tools.

Sentonas provided an interesting view of the company’s ongoing efforts to stay ahead of cyber-threats through innovation — and how CrowdStrike considers customer satisfaction its highest priority.

Sentonas leads all market-related and product functions at CrowdStrike, encompassing corporate development, CTO teams, sales, marketing, engineering, threat intelligence, privacy, policy and strategy. He is considered a leading expert and recognized authority on security and cyber-threats. Joining CrowdStrike in 2016, he served as vice president, technology strategy before being promoted to chief technology officer in 2019. Sentonas previously held leadership positions at McAfee.

Consolidation is key

VentureBeat: Why are CrowdStrike customers prioritizing consolidation of security tools?

Michael Sentonas: I think there’s a couple of different ways to look at that. One is from a technical perspective, and one is the economic advantages.

From a technical perspective, we know one of the worst things in cyber is complexity. And the more complex our networks are, the harder they are to manage, and the reality is that it becomes a perfect opportunity for an attacker. It’s not uncommon to see organizations these days that have 10 to 15 different security vendors’ technologies deployed, and within [each of] those vendor product suites, they have a couple of different products. And that just makes it hard to manage.

So that’s the technical answer to your question. The economic answer is that it costs a fortune in training and support paths. With that, the economic pressure is even harder today, which is why we talk so much about consolidation.

VB: Are you going to innovate and drive for the SMB market, or will you go full speed on AI and go towards the high end of innovation?

Sentonas: We don’t have to choose one or the other. CrowdStrike has increasingly been focused on SMB innovation, and that didn’t happen by chance. We were building our technology. We were building our capabilities. The way that we defeat attackers leverages AI — that’s nothing new. We’ve been doing that for 11 years. We’re having a lot of success with emerging tech, and CrowdStrike has built the majority of that. There’s no plan to slow down in any of the innovations.

We’re making some changes, and we continue to evolve the company to accelerate innovation. But I want to make sure that when we bring together sales and marketing, it’s about focusing on the customer. Our CEO George [Kurtz] and I have known each other for about 19 years. Early on, he said to me, there’s a simple rule: focus on the customer, put the customer first, and the rest falls into place and takes care of itself. That’s the mantra that we bring to the market today.

Engaging with AI for cybersecurity

VB: With so much media coverage of ChatGPT and generative AI, how do you slice through the distraction in the market and help your customers focus on managing endpoints and protecting identities on the same platform?

Sentonas: While I may joke sometimes that AI was launched [in] November 2022, it’s actually good to see that people are engaging with the concept. For example, people may ask: What do you mean when you say you use AI for prevention? What does that look like when you use it for threat hunting?

If you look at CrowdStrike’s conception in 2011, one of the things that George talked about was that we couldn’t solve the security problem unless we used AI. In the lead-up to going public as a company, he also talked about AI, and since we’ve gone public, every quarter when we talk to Wall Street, we talk about AI. We’ve been using AI as part of our efficacy models, our prevention models, and we leverage AI when we do threat hunting. It’s a big core part of what we do.

Things like ChatGPT allow you to go, “Hey, show me what adversaries are attacking. What are the techniques that they’re using? Have those techniques ever been used in my network?” And then you can keep going through that process. You don’t have to be an expert. But using that technology could lower the barrier of entry to become a decent threat hunter.

Endpoint and identity security

VB: From an innovation standpoint, are you seeing where the intersection of endpoints and identities needs to be improved to stop identity-based attacks using AI?

Sentonas: If you look at the way that we’ve built CrowdStrike, we’re not going to put customers through the challenges of rolling out multiple or bloated endpoints that increase complexity. We are very careful to make sure that the agent size does not increase significantly, because the user experience is incredibly important to us.

I also love your question about the intersection of endpoint and identity. It’s one of the biggest challenges that people want to grapple with today. I mean, the hacking [demo] session that George and I did at RSA [2023] was to show some of the challenges with identity and the complexity. The reason why we connected the endpoint with identity and the data that the user is accessing is because it’s a critical problem. And if you can solve that, you can solve a big part of the cyber problem that an organization has.

VB:  Do attackers know about the disconnect between endpoint security and identities on the endpoint? And do the more sophisticated ones actually capitalize on that?

Sentonas: Of course. They’re very capable, they know what they’re doing and they know how to get into organizations. You’ll look at some of the techniques that we were playing around with at RSA in the demo. Very good red-teaming type skills, where people would know those techniques. So yeah, absolutely. They know what’s going on.