Aug 8, 2020

Founder Spotlight: Tomer Weingarten, SentinelOne — On the Road to Success, Nothing is Trivial


When SentinelOne CEO and co-founder Tomer Weingarten launched the company in 2013, he had a revolutionary vision to transform the way organizations protect their data and devices by building software that doesn’t just observe but prevents and deflects in real-time.

Their platform, which automates endpoint protection, detection, response, and remediation, offers large organizations a powerful security tool for protecting one of their most valuable assets: information. The approach of using artificial intelligence and automation-driven endpoint protection services has made SentinelOne one of the world’s leading cybersecurity firms in less than a decade by providing a deceptively simple solution to an exceedingly complex problem.

This success has attracted some of the world’s largest companies as customers and earned industry accolades, including a spot on the CNBC Disrupter 50 list, being named the highest-rated vendor on Gartner Peer Insights’ “Voice of the Consumer: Endpoint Detection and Response Solutions” report, and being listed as the 7th fastest growing company in the latest Deloitte Technology Fast500.

The massive growth in the number of networked devices, a trend which will only accelerate with the adoption of 5G and the expansion of the internet of things (IoT), has given employees and users many new ways to access servers and information. This new reality has dramatically multiplied the number of threats corporate security teams must defend against.

We spoke with Weingarten about endpoint security, SentinelOne’s evolution, the future of cybersecurity, and much more.

Can you talk a little bit about what led you to co-found SentinelOne?

When I think of growing up as a teenager, I was pretty impressed with Bill Gates’ story. Seeing this thing called Microsoft — it’s a software company — and how you are basically just building something from code. Microsoft back then wasn’t about hardware, there was nothing to feel. It’s just code, and it becomes this important part of pretty much everything. To me, that was inspiring. It was really something that made me think, “I want to invent something with software, too. That is the way to make an impact in this world.”

SentinelOne is basically my third company. At the previous startups that I’ve built, I was the CTO and mostly on the technical side. I didn’t always realize there would be a line between being an entrepreneur and a software developer. I’m an engineer by training, and what I love to do is build software products. Some people paint, some people write songs, some people are talented in different ways.

For me, writing code — and building software products — is the way I express myself.

Why did you choose to build a security solution?

About seven years ago, my co-founder and I started looking at what type of solutions enable enterprises to figure out where the attack landscape is headed. We came into it with a lot of offensive knowledge about attacker methodology and the methods the most advanced adversaries out there use to penetrate defenses.

We started thinking about the right approach to building security for the future. We know that most of the incumbent solutions that were there around seven years ago, like antivirus and firewalls, are very antiquated ways of protecting assets that just don’t cut it in the modern attack landscape. We knew that we need ways to deal with attacks that are increasing in frequency and becoming more automated.

In the industry, we saw a lot of opportunity in the endpoint market. It’s a market that hadn’t been disrupted in years, with very large incumbents like Symantec and McAfee which had not innovated for a long time. This was very compelling to us.

Our decision was to create a solution that doesn’t just observe but reacts and deflects in real time. We felt the approach we were considering was quite revolutionary, and something that would change the balance of power even between attackers and defenders.

Our solution understands in real-time whether there’s an anomaly solely through observation and without relying on prior knowledge of whether something is bad or good. If you’re able to react and deflect at scale in real-time, then you have a unique advantage — you have a system that protects from attacks in a manner that no one else does.

How did that original vision for SentinelOne evolve over the years?

We started with two people and a nice idea. Today, the company is about 600 people globally, over 4,000 customers, we’ve raised about $430 million to date, and we are valued at over a billion dollars.

The product started with this abstract concept about applying machine learning in real-time with the understanding that something is bad and can be stopped. Since then, it’s evolved into a complete platform with about 10 different modules that can address different issues within a corporate enterprise environment. It’s basically the go-to console for security operations people in some of the world’s largest organizations.

Most organizations don’t have hundreds of people in their security teams; you have to find a way to deal with that scale. So our thesis was that we can create a piece of security technology that’s incredibly autonomous, works by itself, makes decisions without human intervention, and does it at scale. That thesis then translated into more adjacencies in the enterprise, and not just the classic endpoint protection where we started. We took our technology to securing IoT devices, the datacenter, and even containerized cloud workloads.

SentinelOne is a platform that addresses almost every cybersecurity need that an enterprise would have.

“Remember that what you’re building is for the customer and the end user. You’re building for the benefit of the world at the end of the day. You’re building something that protects everybody’s data.” — Tomer Weingarten

What was the most important step in finding the product-market fit for your security technology thesis?

  1. You have to be an incredibly good listener and understand pain points before you propose solutions. The more conversations you have with your target market customers, the better you design your solution.
  2. Equally important, is you really have to have some foresight and an understanding of the problem domain. This means distilling a solution that would be battle-tested through time, something that serves your customers for years to come. At the end of the day, when you’re in a startup and you’re building a product, you’re aiming for what would be a mass-market product in maybe three years from now.

There are lots of things to understand, even the political ecosystems within the environments of customers who will eventually procure your product. It’s listening on one end, grabbing as much data as you can, taking that data, distilling it, and building the best prediction that you can for the future and for your product.

On that note, what do you predict for the future of cybersecurity?

The pace of technology today is pretty fast. Let’s put it that way. Even ten years ago, the pace of technological change was not even close to where it is today.

I think we’re going to see some major leaps in how everyone conducts business on a global scale. We’ve seen a leap happening practically overnight with COVID-19 changing pretty much every working model that we’ve known. In our world, what we see changing dramatically is the proliferation of IoT devices and the dialogue between devices in the cloud.

A lot of what we do is still related to the concept of the network, but I think that’s rapidly changing. And obviously, Qualcomm is a main driver in the 5G revolution which will also almost recreate what the network model looks like. It’s going to be mostly a handshake between devices in the cloud at the end of the day. And these devices, they’re almost an extension of us and an extension of our identity.

What we do today will be transitioned into more remote and virtual settings, which will lead to more exposure of attack surfaces for hackers and criminals. This goes along with a dramatic influx in how traditional crime syndicates are monetizing, as more syndicates involved in physical crime shift their business models into cybercrime. Criminal syndicates love cybersecurity because it’s more lucrative, harder to pinpoint, and harder to attribute — just a better system for them obviously. This is going to drive a lot of the challenges in securing the enterprise environment, and in turn, the data that all of us store with some of these enterprises.

What are the next steps for SentinelOne as a company?

We feel that what we’re doing with data, machine learning and artificial intelligence in security is something that very few companies are doing. We’re on the path to becoming a public company, and that’s what we’re building the company towards. Building a very robust and fanatical customer base is the most important thing.

Furthermore, the more we can build applications on top of the data that we collect using the platform, the more value we can bring to our customer base — and the more extensive our offering can be across many different facets. Even beyond security.

Is there any advice that you would offer other founders?

Well, you will encounter challenges to overcome on a daily basis. The road isn’t always simple when you lead a company to disrupt a very large space and really break new grounds. Nothing is trivial.

For me, as a leader, a lot of it is just listening and remaining humble. I think that’s something that we try to instill as our company culture. No egos. We don’t feel like egos contribute to anything that we do.

And just remember that what you’re building is for the customer and end-user. You’re building it for the benefit of the world at the end of the day. You’re building something that protects everybody’s data. It’s a huge undertaking. Just remember that’s the mission, that’s why we wake up, that’s why we build what we build.

Learn more at