Tomer Weingarten: From cyber outsider to building SentinelOne into a $1B ARR category leader

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Sid Trivedi (00:04):
Welcome to Inside the Network. I'm Sid Trivedi.

Ross Haleliuk (00:08):
I am Ross Haleliuk.

Mahendra Ramsinghani (00:10):
And I am Mahendra Ramsinghani. We have
spent decades building,investing, and researching
cybersecurity companies.

On this podcast, we invite you to join us inside the
network where we bring the bestfounders, operators, and
investors building the future ofcyber.

We will talk about the hard parts of the
founder journey, launchingcompanies, getting to product
market fit, raising capital, andscaling to an exit.

And, yes, we will also be talking about
epic failures.

But, Mahendra, we're here to make the founder
journey easier.

That is correct, Sid. But we cannot make
it too much easier becausestartups are hard, And, of
course, you already knew that.

Alright, you two. Enough. Let's get started with
this week's episode.

Our guest today is Tomer Weingarten,
cofounder and CEO ofSentinelOne, who grew up as a
bored kid in a small Israelitown, hacking games with his
best friend for entertainment toeventually taking on giants like
Microsoft and CrowdStrike on aglobal stage. Tomer Weingarten

(01:26):
is not your typicalcybersecurity CEO. Starting from
humble beginnings, he became amillionaire at a young age of 24
and then blew it all away sothat he could stay hungry and
even stay foolish. He pitchedSand Hill Road VCs without the
coveted unit 8,200 pedigree andstill built one of the fastest

(01:49):
growing public companies incybersecurity. Today, as CEO of
SentinelOne, he is leading thefight in a world where every day
is war.
In this conversation, Tomershares what it means to be a
wartime CEO, how his technicaldepth gives him a deep advantage

(02:09):
in this business, and the mostimportant part, how he plans to
grow SentinelOne in this age ofAI. Let's get started.

Tomer, welcome to Inside the Network.

Tomer Weingarten (02:23):
Thank you, Sid. Great being here. Thank you
for having me.

We're gonna talk about a bunch of different
topics, but let's really startwith the early entrepreneurial
journey that you've had in yourearly career beginnings. You
were tinkering with computersfrom a very, very young age, and
I read that your father boughtyou a computer very early on in
life. And you actually met yourfuture SentinelOne cofounder,
Almog, in second grade, and youwere bonding over software and

(02:48):
hacking experiments. Whatinitially sparked that passion
for tech and entrepreneurship,and how did those early
experiences really shape yourapproach on how you build
companies?

Yeah. I mean, it's a good question. And I
think to kind of understandbetter those days, I think a lot
of the spark for doing somethingwith tech was actually born out
of complete boredom. Becausewhere where we grew up, imagine
like a small town in in Israel.I mean, there's not a ton to do.
You're basically looking fortrouble, every, you know, every

(03:23):
minute of your day. And whenthis when my dad got me this PC,
I remember booting it up, and itboots up and it gets to, like,
seed prompt, which is just likethe DOS prompt, and that's it.
It's like a, you know, blackscreen. You don't know what to
do. Right?
It doesn't count with anyinstruction manual. It doesn't

(03:44):
count with, like, what to donext. It's very free form. So
the first few days, you know, Ijust booted it up and looked at
it. I I couldn't reallyunderstand what to do with it.
But the more we startedtinkering, I think we realized
that this is an amazing gateway.You know, back then, didn't
really have the Internet, didn'treally have, like, the World

(04:05):
Wide Web. You had Usenets. Youhad some you had the IRC that
was just getting started, butbut it was a portal. It was a
portal for, you know, meetingpeople in the complete other
side of the world, accessingdata that otherwise you would
never have known existed.
And I think the other thingthere was, funnily enough, like,

(04:28):
the computer games. Because as akid, I mean, what you wanna do
is play games, and suddenly,there's a whole new world where
you're running these reallyinteresting games. But as you're
playing the games, I think youalso start to understand, I
would do this differently. Iwould build this game in a
different way. And then you'restarting to ask yourself, how is

(04:48):
this happening?
Like, what what I'm seeing here,what I'm interacting with, like,
how does it really work? And Iremember even, you know, age
seven or eight, we would go andwe would edit in Visual Basic.
We we just try and find, like,all the the code that existed
that was preloaded with the DOSoperating system. I think it was

(05:09):
like a Gorilla Bass, which waslike the the visual basic game
that was included, you know,with it, and we would edit it
and change the game and do allthat stuff. And and from that
point on, you know, was really,to me, was just an instrument
where you can create.
Right? I mean, I don't know. Ican't draw very well. I'm not a

(05:31):
I'm not a painter, but with withproduct, with, like, imagination
and then understanding that withthis machine, you can program
and you can create and you cando something completely novel
and completely new, that wasfascinating. And I think it was
coupled with one other thingthat I'm not sure why I had,
like, since the early days,which is, like, a very deep

(05:53):
frustration with the currentsoftware that I was using.
Like, you know, why can't thisbe better was my constant, I
think, question. And from there,you just wanna do it and and you
start learning and you alsounderstand that a lot of this
information is not like yourtypical, hey. Let's go to school
and learn something type stuff,but it's more things that you

(06:16):
can you can learn by yourself.The the literature is there. You
maybe need to buy a few books,but then you can get at least
for me, it was very easy to getwell versed very quickly in
multiple programming languages.
So understanding evenarchitecture and what would be
needed to build even a websiteand all that that entails from

(06:37):
the front end and all the way tothe database and, you know,
learning how to stand up MySQLservers and, you know, thinking
about scale, I think, was wasreally it was a great first
principles experience that waskind of coming from necessity
for me. But I I carried, youknow, that technical knowledge
and have continued to evolve it,like, pretty much ever since.

And what about meeting Almog and your
SentinelOne cofounder? Tell us alittle bit about that first
meeting. And you may notremember it fully, but you may
probably remember earlychildhood years.

Yeah. No. For sure. Look, we we grew up in the
same neighborhood, and he was avery, very smart kid. And I had
that same kind of draw to thesame things, and and we clicked
immediately.
And and then the computer lovewas was also shared, And you get
two really, really smart kidsjust looking to do something,

(07:33):
and and very quickly, I thinkyou get to the world of
cybersecurity from the otherside of it. Because that point
in time, again, the context isvery small town, like technology
is not a thing. For us, it waslike, how can we get online? How
can we get our friends online?How can we do more online?

(07:56):
How can we get all the resourcesthat we need when we have not a
dollar to spare? So a lot of itkind of leads you to, okay.
Let's see what's open. Right?And from there, things starts
rolling, and you kind of getdrawn to this this very amazing
world of, like, all theunderlying infrastructure that's

(08:17):
sitting out there to facilitatewhat, let's call it, the the
normal people are using whenthey're using the the Internet.
But but that was fascinating. Imean, understanding how things
flow, understanding, you know,parameter restrictions or lack
thereof, I should say, back thenwas really interesting. And you

(08:37):
you do a lot of it for fun andgames, and you do a lot of it
for bragging rights, honestly. Imean, you know, I remember we
used to log online to the IRC,and you always had to add this
really cool IP mask, which wouldtypically come from, like, this
server shell that you would getinto someplace and you would go
online with, like, very funkydomains. Like, you could go

(09:00):
with, like, some .gov type stuffor or whatever.
And and that was kind of, youknow, the fun and games. That
was our catch the flag. Right? Imean, that that's what we would
do as kids. And I think Almo gota real passion for it.
I really just like coding morethan I like, you know, just
browsing online and hackingeverything that's possible. And

(09:20):
he he made a true profession outof it very early on. He, you
know, he went to work at CheckPoint, and he became head of
innovation there and really kindof, I think, sparked most of the
Check Point doesn't do a ton ofinnovation, to be honest. But
the little that came, I think,came from him and and Hugo and
some some of his some of hisfolks on the on his team. So,

(09:42):
you know, when we linked up kindof later in life and kind of
decided to do something, it camemainly from him, like this
desire to do something incybersecurity.
To me, I just kind of thoughtabout at this point in my life,
like, how can the next thing Ido be meaningful enough and
something that would actuallymake a difference because I I

(10:03):
got a bit tired than just, youknow, thinking about products,
building them, selling them,making lots of money, and and
moving on. Like, I quicklyrealized it's not something that
is is fulfilling or interestingfor me. So when the idea to do
something in cybersecurity came,I think we we first kind of sat
down and said, hey. Can can thisbe meaningful? We we don't wanna

(10:24):
build just another thing.
I mean, that's not gonna worththe time and the effort, and
thus SentinelOne was born.

Tomer, at just 24 after your first startup got
acquired, you suddenly had a fewmillion dollars in your account.
And as you said, you spend itvery quickly on all kinds of
nonsense so that you don't getcomplacent. Looking back at that
time, what did that earlysuccess and how you handled it
teach you about motivation andand risk taking? And also, would

(10:54):
you do anything differently now,or was spending that money the
way you did it was the bestdecision to drive you forward
and to enable you to do what youdid later?

Yeah. No. It's for sure not the best decision.
I would not I would not advisegoing that route. But I came
with from a family with not aton of means.
Right? So when something likethis happens to you and it and
it's such a, I would say, biginflection point in your life,
then, obviously, it's a bitconfusing. Obviously, the the
younger you are, the moreconfusing it gets. And and I

(11:26):
thought that I can easily justkind of get lost in doing
nothing because you kind offeel, hey. You know, I just hit
jackpot.
I don't necessarily if I do thisright and, you know, you get the
advice of the parents and thefam your parents and your
family, and they're like, investthe money and do this and buy an
apartment and, you should be setfor life. This is the best it's

(11:47):
gonna be. Right? I mean, that'ssincerely what people think at
that point in time and may maybeeven including myself, but it
never felt right to me, and Ifelt like I'm kind of drowning
in doing just, like, meaninglessstuff. And and then I kind of
said, look.
I'll be fine. Like, no no matterwhat, like, I can take I can
take these risks and and I'llfigure it out. And and something

(12:10):
else better might come or not,but I've I've trusted myself to,
you know, kind of push myselfout of the comfort zone. And and
sometimes I found that to dothat, maybe you need to remove
some anchors. Sometimes to keepgrounded, you need to add some
anchors.

(12:30):
But at that point in time, Ikind of needed to move away from
this corrupting way of life, Iwould say, that comes with, you
know, a lot of money in a at aat an, you know, early age. So
it was a good decision in thatperspective. I mean, blowing out
through all the money, I I don'tknow. It doesn't really matter.
But but I definitely think thatmaking sure that I push myself

(12:52):
to the point that that I have todo it, I think, was was critical
for me.
I I didn't have to do it eversince. I think I I then kind of
I got the lesson. Right? So youdon't need to kind of enforce
yourself again to to thesethings, but all in all, I don't
regret it. Let's

And that's a helpful insight, Tomer, you
know, how you add anchors orremove weights so that you can
either ground yourself or orlift off into different domains
and also being self aware tosort of know that this could
become a corrupting way of life,and I need to propel myself in a
new direction. Now before youstarted SentinelOne, you had

(13:32):
been in the role of a developer.I mean, you're probably one of
the first guests we have on ourpodcast who could talk about
server shells, standing up SQLserve you know, servers. So
you've been the VP of product.You've been a developer.
You've been a CTO. You've beenin all of these roles. Now how
did that help you in yourjourney, or what insights did

(13:52):
that give you as you startedCentral?

Yeah. You you know, I mean, to me, this is so
kind of innate to who I am andto what I do that I can't even
envision it a different way.Like, I don't know how you can
be a super effective CEO oranything, honestly, in tech
without understanding the tech.Like, it's really, really a huge

(14:15):
advantage that that I think youhave if you just understand how
stuff works, the easiest way I Ican put it. And it allows you, I
think, to articulate a visionthat is not just grounded in a
concept.
It's grounded in the completeimplementation of the concept as
well and and seeing the waythere and understanding what

(14:35):
components would be needed andknowing also what the
bottlenecks are gonna be or whatthe, you know, the potential
building blocks that you'regonna have to have over time to
reach your vision. So to me, itit was priceless. And and I
throughout time, I dabbledpretty much with every aspect of
development. Like, at the end ofthe day, when I wanted to build

(14:58):
my first kind of a a product, Iremember we kinda thought it was
me in a in a different partnerback then, and we said, okay.
You know, let's maybe raise somemoney and, like, who's gonna
give us money?
It was very, very unclear. Andwe kinda said, you know, we
gotta get some developers to tobuild this, and we just thought,
oh, we're gonna have an idea.We're gonna hire some
developers, and we know we'regonna make it happen. And I and

(15:20):
I remember, I think it was mydad who, you know, we we talked
to about that, and he looked atus and he said, what do you mean
you're gonna hire thedevelopers? You are the
developers.
And from that point on, we kindof realized, okay. I mean, let
let's just learn everything weneed to learn in order to to
build this and and do this. Andfrom there, I think I became

(15:42):
very well versed not only with,like, back end and and
algorithms, but then also theall the way to the database
layer. And later on when thecloud kind of started and
started working very directlywith, like, AWS environment, and
that was amazing. I mean, that'swhere I think where you can just
imagine the scale and everythinggets more automated and the

(16:03):
capabilities you get are nowkind of in the in the click of a
button away and front enddevelopment.
And then when kind of the thetensor world started and, like,
statistics. I mean, all of thatjust became incredibly
fascinating to me, but I Ireally had, like, knowledge of
all the stack to the point thatI would actually, even at

(16:24):
Sentinel, here's a nugget thatI'm not sure I I've said ever,
but the first few userinterfaces that we've had, I've
literally designed myself. Like,I sat with Photoshop and I
thought about the userexperience and and all that
stuff. We were a group of 11developers when when we started
at the at the end of the day.Everybody was contributing code,

(16:45):
including myself.
You know, everybody was workingin the product, including
myself, and that meant alsodesigning some stuff, building
UI, building some endpointcapabilities, building some back
end capabilities. Obviously, ofthat is no longer in the
platform. Do not fear. But,again, I mean, it's it's all
about understanding thesebuilding blocks that are gonna

(17:06):
get you to to where you wannago, and I think also
understanding the problem domainin in a very, very deep way. And
I think I've learned so muchmore on cybersecurity since
starting Sentinel One than Iknew before.
I was always kind of well versedin it from, you know, our team
hacking days. But I think oncewe started truly interfacing

(17:29):
with the adversaries, I thinkthis is where you kind of put
your hacking hat on and youstart kind of using it for the
complete inverse manner. But inessence, it's it's almost the
same skills that you need if youwanna build great defense. You
gotta get, I think, a reallygood understanding of the path
of exploitation,vulnerabilities, how networks

(17:50):
are built, the attack surface,how that's expanding, and
attacker behaviors more thananything. Attacker mentality,
attacker philosophy, like eachone of the adversaries that we
deal with today.
And, you know, look, we we livein a world where every day is
war. I know it's not for youmaybe, but for us that are kind
of on the on the front lines, Imean, every every day is war.

(18:12):
Every day is war with, you know,the Chinese, the Russians, the
Iranians, you know, NorthKoreans, you you name it.
Cybercrime syndicates. There'snot a moment that goes by
without attacks and and offensein cyberspace.
So at some point, you kind ofadopt like a semi military, I
think, kind of way of life whenyou do some of these things.

(18:35):
But, again, that's kind ofthat's kind of our day to day. I
mean, today, it's it'severything we, you know, live
and breathe.

Tomer you mentioned that before even
building, you have gone really,really deep to understand the
problem space. You've beenwriting code. You've been
designing some of the UI on yourown. And then what are your
thoughts about the way startupsare built today in cybersecurity
where people very quickly go andidentify the problem space? They

(19:02):
may very well need to go andhire developers because they
don't know how to build in thatproblem space, and the growth
happens very, very quickly.
Talk to us towards that.

I'm gonna I'm gonna try and be as diplomatic
as possible here. K? Because alot of these are my friends and
my peers and, you know, I'm notsure they always love what I
have to say in that perspective.Look.
When when we started thecompany, we spent two years
building the product. Therethere was nothing to ship. There
was kind of shaky betas, and wehad some great customers running

(19:33):
betas, but we never had anybodypay us a single dime for the for
the first couple of years of ofkind of building, you know,
building the product. To date, Imean, there is extreme deep IP
in everything we do. You know,we got over, I think, a 100 plus
patents just for kind of ourendpoint and machine learning
stuff, not to mention all thestuff we do with with data

(19:56):
today.
To me, it was always aboutbuilding deep technology. And
and I kinda felt like, ingeneral, when you're building if
you're planning to buildsomething big, you cannot build
it without deep IP. You cannotbuild it without deep
technology. Now it might not betrue what I'm saying here. I
think there's a lot ofbusinesses that get to scale,
get really nice sales, and theirIP mode is probably not deep IP.

(20:22):
It could be in the experience.It could be in the workflow. It
could be in how good the UI is.I don't consider all of that
deep IP, but it's stillobviously meaningful IP.
Startups today, I mean,especially in the age of the
LLM, I think you're looking atat something I would I can only
describe it as really dangerous,to be honest.

(20:43):
Dangerous from the venturecapital perspective, dangerous
from the product capabilityperspective, dangerous from the
customer value perspective.Because I think even if you look
at some of the most successfulones, you would describe
success, you know, scaling fromzero to 100,000,000 of ARR.
Like, that's a measure foranything. Like, $1,000,000, you

(21:06):
know, 1 $100,000,000 in ARR isis the inkling of product market
fit. It's not the end of productmarket fit, and I think that's
what people tend to miss.
And then you kind of see largelyshallow IP, lots of open source
usage, lots of libraries cobbledtogether, really neat

(21:27):
experience, which means thatteams understand the workflow
for the customer. It's veryenticing for the customer
because they're getting a, oh,you know, that's something I do
a 100 times a day, and nowthere's this, and you can just
click two buttons. It's actuallyhappening. So you get some
value. I think the value fromwhat I've seen in the past
decade in cybersecurity, we onlytalk about new capabilities.

(21:49):
We are not talking about thediminishing capabilities. And a
lot of these capabilities thatyou're seeing are slowly from
the moment you put them upthere, they're starting to
diminish. And, you know, you cantalk about CSPM for days, and if
we talk about CSPM, I don'tknow, a year ago, a year and a
half ago, it was like, oh mygod. This is the best capability

(22:12):
since sliced bread. Ever sincethat point, it's diminishing
slowly or fastly, however youwanna you wanna call it, to the
point that probably in twelvemonths, we replace all of CSPM
with a prompt that can showmisconfiguration, fix
misconfiguration, here's theplan, click here, done.
So I really think when you lookat what startups are doing

(22:33):
today, some of them, they'repipe dreaming. I don't know if
they're gonna have a business inin a year. Some of them are
rushing to get to, like, youknow, $20.34, $50,100, you know,
million dollar of ARR to declaresome semblance of success only
to get stuck after. And andlook. There is a good slew.

(22:54):
I wouldn't call them zombiecompanies. They're still
growing, but they're growing,you know, roughly, you know, at
the rates that you see withpublic companies. But there is,
like, a $102,103 $100,000,000scale. It's hard to see what
what's the future for some ofthese companies, some of these
capabilities if it's notconsolidation of one way, shape,
or form. But there's also,again, the LLM world, I mean, a

(23:17):
lot of the actual capability isgonna get consolidated and and
folded up.
So I think right now it's thewild wild west, and you kind of
don't know what sticks. And weall get in security really
excited with shiny objects thatwe don't always think about the
order of magnitude ofimprovement that is required.
And then customers sometimesgravitate towards things that

(23:40):
give them a single order ofmagnitude of improvement, and
they and they kinda feel okay.I've done it. Now my SOC is
automated.
I, you know, I took a 100 alertsand I made them 20. I'm golden.
I mean, the it's it's nonscalable. You're not thinking
about the broader issue. You'renot thinking about speed.
You're not thinking about how toeven architect your system to be

(24:03):
able to deal with the challengesthat are upcoming. The challenge
is not collating 100 alerts to50 or running an auto
investigation. The challenge isorchestrating enterprise wide
cybersecurity in real time so wecan address attacks in real
time. And everything your peopleare deploying kind of now in
their environments, if it's nottruly geared and supportive to

(24:28):
that goal, in my in my view,right, this is my own myopic
view of the world, I thinkyou're just gonna find it
practically a waste of time orsomething that can then be
achieved with a hyper automationagentic studio, which is, you
know, some of the stuff that wedo today is we just give people
the freedom to build anyworkflow that they want and
inject agentic capabilities intoit. So it's almost like an app

(24:52):
builder that's baked on top ofthe data security data that you
collect, and you kinda realizeyou can build a lot of what
startups are building just bydragging and dropping a few, you
know, a few blocks.
So I really think that if you'renot building deep IP and it's
getting harder and harder tobuild deep IP in this world, you
know, given, I think, the thesignificant lean you have on

(25:14):
LLMs right now as being the coreof what you do. Everything else
that comes after the LLM, beforethe LLM, that's your IP. Can you
build something substantial? Canyou build something that is not
easily replaceable? Can youbuild something that will be
needed even if AI gets 10 timesbetter and a 100 times more

(25:35):
scaled and pervasive, is youroffering gonna be there to show
value in that world?
And and I'm just not entirelysure everybody's thinking about
it the same way. A lot of folksare really focused on, let me
get some revenue now. I need toshow my zero to 100, so I better
get something sellable and Ibetter get it now and somebody
better pays pay for itimmediately.

Talking about, you know, real technical innovation,
you talked about how it took twoyears to build the original
product for SentinelOne. I Iwant you to go back to 2013. You
you're starting in your in yourhead. Go back to 2013 and give
us some insight on into that.And in particular, you've talked
pretty extensively about thispublicly, but you had felt at
the time that the antivirusbusiness, which is the business,

(26:18):
you know, before Endpoint, hadbeen stagnant for many years,
and you also felt that it wastime that someone needed to do
something different.
And in particular, even backthen in 2013, you were talking
about a proactive AI drivenapproach in AV. What was the
moment that led you and Almog tofound SentinelOne? What was the

(26:38):
part that convinced you that,hey. We have uncovered something
that the rest of the market hasnot yet uncovered, and how much
was that AI and behavior baseddetection? How important was it?
I mean, you've talked about itpublicly, but, really, tell us
about 2013 and what what wasgoing through your head.

Look. I mean, it was probably still is the
most important thing that thatwe do. Let let me start with
today for a second so we canunderstand where where it's at
and where it was in 02/2013.Because today, we cover tens of
millions of workloads worldwidein some of the most critical
large enterprises, governmentagencies that you can imagine.

(27:18):
And when I say cover, what Imean is that there is this agent
that sits there baked withmachine learning models and
algorithms that works completelyautonomously.
It doesn't have a dependency onthe cloud. It doesn't need any
human supervision, and it is thething that decides whether

(27:39):
something is gonna run or notrun across all of these
environments. Some of these areservices that all of us are
using practically using now. Soif that algorithm is getting it
wrong, we don't have a podcastright now or we don't have, you
know, rideshare right now or wedon't have a rocket in the sky
or we don't have a phone call orwe don't have, like, that's the

(28:00):
scale. Right?
And this is AI running on allthese devices completely
autonomously. So this is thestate today. In 02/2013, the
world was very different where,again, coming from the, call it,
the offensive perspective,everything was becoming
incredibly breachable. The theprotection on the endpoint was

(28:22):
signature based and a bunch ofother rule sets, and that was
the easiest thing for attackersto bypass. Literally, you know,
you go through the firewall,which by the way, the firewall
is not a security product.
The firewall is an accesscontrol mechanism. So it it had
no semblance. Today, I mean,they've added a lot of detection
capabilities, but back then, itcouldn't detect. You could punch

(28:45):
malware through it all day long.As long as you had the access
approved, there's no issue.
So you get into the perimeter,the perimeter is gone. People
were starting to move to thecloud, and you kind of say,
okay. I mean, now the perimeteris totally gonna be gone because
it's completely punctured.Right? There's in and out coming
from the cloud.
The endpoint obviously canprotect shit, And then, you

(29:06):
know, you get to what FireEyewas trying to do back in the
day, which was the best solutionagainst APTs. It was the
sandbox. And the sandbox wasthis thing literally an
appliance. You put it in thenetwork, put a SPAN port, you
know, and and have all thetraffic route through it, and it
would catch the files that werekind of running around in the

(29:28):
network. Most attacks that itwas geared to catch were file
based.
So it takes the file, detonatesit in the sandbox, try to
instrument it, which I think isis a good point for us where we
kind of said, okay.Instrumentation is really
interesting because whatinstrumentation is doing in the
sandbox is kind of going throughall the interactions of how the

(29:50):
file was running and interfacingwith the operating system. And
and we said, okay. I mean, thatthat's an interesting approach,
but why do it on a sandbox?Like, the the sandbox is you can
detect it's a sandbox and thussay, oh, no.
I'm not doing anything. Shutdown. Get all the way to the
endpoint, and then there'snothing there and you can run
freely. That was the most commonthing that you would see. And,

(30:12):
also, it wasn't really thenatural place to see activity.
You don't have the user on thesandbox. You don't have the real
programs. You don't have thereal device. And attacks were
just using all of that to evade,get to the target that they
wanna compromise, and fromthere, the road was easy. So
what we started thinking is, youknow, what does the world look

(30:33):
like beyond signatures?
Like, how can you detect badnessin the most generic way
possible? So, basically, if youhad no prior knowledge, would
you be able to tell by theactions that are happening on
the machine that something isnow doing something bad and what
is bad, generally? And and thenwe said, I mean, look. This is

(30:56):
this could be a very classic usecase to leverage machine
learning and basically startbaselining what bad behavior
looks like on the device. Itdoesn't have to be file borne.
It could be, you know, even alive attacker that is now doing
something on the endpoint. Ourthesis was that what you will do

(31:16):
will forever look different thanbenign behavior on the endpoint.
When we open up a Word file,when we, you know, open up the
podcast, when we share files, wedo all of that, if I take all
the instrumentation of thebenign operation of the device,
I instrument it at the kernellevel, I get all the the
different calls, network,memory, disk, all of it, and you

(31:38):
put it into a cluster, you cansay, okay. This is my my benign
set. And now same device and yourun some malware or you run some
attack code or you deploy aremote code exploit and you view
again how that reflects forinstrumentation.
You put all of that into machinelearning and you start getting,

(31:59):
you know, these these two modelsthat can tell you this doesn't
look normal. This looksdifferent. And so that was, I
think, kind of the the point thepoint of origination for us. And
then and then you had othermuch, you know, harder questions
honestly, which is, can you makeit run-in real time? Because we
wanted to build a preventivesystem.

(32:20):
We didn't want just somethingthat comes there and after the
fact tells you, oh, you know, wesaw some bad behavior just
happened an hour ago andeverybody's out with your stuff.
No. I mean, we wanted we wantedto build some, which, by the
way, every sim solution in theworld today, I mean, that's
exactly what you get. You youget a a nice view into the past
when you look at the events thatare coming in versus, you know,
endpoint protection, especiallyours, which is parsing through

(32:43):
the data in real time and isable to interact and interface
and intercept in real time. Sothe one of the main questions
was, can we run this in realtime in line with the device as
things are happening so we canthen intercept, stop, and
potentially even remediate if wesaw some damage happening?

(33:03):
So can you do it in real time?Can you do it in real time
without shutting down everypossible resource of the device?
Like, our goal was to be slimmerthan an antivirus, which, by the
way, we are today, by far morelightweight than an antivirus
even though we do a whole lotmore on the endpoint. And the
last piece was, can you do it,like, super accurately? Right?

(33:26):
I mean, because if you can't doit accurately, then you can't
really do prevention. You can'treally start stopping stuff in
your own accord if you'reshutting down, like, critical
processes. So it was a hugeundertaking. And and to get it
right, you know, there werepoints in time where we I
remember it vividly. I mean, wewould sit in kind of the the
ragtag office that, you know,that we've had back then, and we

(33:50):
would be incredibly frustratedbecause we couldn't get, like,
the agent to parse through allthe data without taking, like, a
full core, you know, from a froma multithreaded CPU.
So, I mean, there there was alot of work in engineering that
got into, you know, buildingwhat looks very trivial today.
You know, it's just better thanthe antivirus and, you know, it

(34:10):
just stops stuff. But, look,it's the first line and last
line of defense for many, many,many workloads out there at the
end of the day, whether it's,you know, server environments or
cloud environments, you know,all the way to to Kubernetes
environments today and,obviously, kind of the bread and
butter endpoints that that weall use. So, again, was
nontrivial. I don't think thatwe knew for sure that all of it

(34:33):
can work in the way that wedream it to be.
I mean, each one of theseaspects had a mitigative plan.
Like, if we can get it to gothis way, what would be the
fallback? But eventually andlook. We still have an amazing
engineering team. I think that'sthe one thing that people have
to remember.
I mean, this place is all aboutthe talent, and and it's all

(34:54):
about making impossible thingshappen. And that's how you
create deep IP and, you know,you get some incredibly
brilliant people to do theimpossible, basically, and and
that's kinda what you seerunning today worldwide.

Tomer, I've written extensively about the
unit 8,200 and the importance ofthe unit in the Israeli
cybersecurity startup ecosystem.But it's important to highlight
that neither yourself nor yourcofounder came out of the unit,
unlike many of the founders thatare starting the companies
today. And in fact, you've saidin the past that this was a

(35:28):
tremendous strength because youdidn't have the 8200 frame of
mind. I have many questionsabout this. So first of all,
what is the 8,200 frame of mind?
And secondly, how did beingoutsiders to that traditional
cyber network influence the wayin which you build SentinelOne,
in which you define thetechnology? Did it give you a

(35:49):
different perspective? Did itgive you some advantages? Maybe
did it give you anydisadvantages or challenges that
you ended up facing in gainingcredibility?

Yeah. No. Look. Let me let me try and
reframe it or maybe a bit morebroadly. First of all, it was a
tremendous disadvantage to getstarted.
Right? I mean, you're going inand you're talking to, like,
Sandhill Road VCs, and you wannaraise funds for this thing that
will disrupt the $20,000,000,000market cap companies. You know,

(36:19):
Symantec and McAfee, you'regonna revolutionize the world.
And you're Israeli. I mean, youcan't you can't hide that fact.
And you're in cybersecurity, andyou're obviously not trying to
hide that fact, but then it kindof ends. Like, that is it. I
just like cybersecurity, and I'mIsraeli, and I'm not 8,200. And
I'm not, you know, ex military.So I think it it was really,

(36:42):
really, really hard back then tokind of showcase the credibility
because everybody was justlooking for that same criteria.
To a lesser degree in SiliconValley, definitely in Israel.
And and I think to me, that wasalso, like, one of the main
reasons why I kind of felt like,to me, this journey needs to be
in Silicon Valley. It cannot bein Israel because people don't

(37:04):
really understand the problemset and the opportunity,
definitely not the technology,and they understand they
understand only pedigree. Andand that pedigree were just
something I didn't have. I mean,I didn't, you know, have Gil
Schwed as a friend or, you know,the the ex commander.
They're all my friends now. Imean, that these are my friends,

(37:25):
but but back then, obviously,it's not the case. Right? I'm
like a 29 year old kid thatnobody knows, honestly. And so
that that was a hugedisadvantage.
But on the flip side, you know,I had other folks on the team
very early on that came exactlyfrom these units. To date, I
mean, as you can imagine, a lotof our, like, Israeli based r

(37:45):
and d I mean, these are theseare folks that are coming from
from these units. And,obviously, I mean, they're
incredibly talented. I mean,they possess probably much more
knowledge than I have in certainareas than than I would ever
have. So I think there'sdefinitely learnings that I did
not get by not serving in theseunits.
But on the flip side, we kind offelt like the thing that makes

(38:10):
us very successful is ourability to think without
boundaries, to think withoutconstantly be tainted by the
downloads of somebody else or orthe kind of the the opinions and
the frames of mind of ofsomebody else no matter who that
is. Obviously, there'sincredibly smart people in the

(38:32):
world and you wanna listen toeverything that they say. But
for, like, very young,individuals, I mean, 80 to 100,
you know, folks, they're 18years old, you get them into
this thing, and that thing is isa machine. And that machine, I
think, imprints you in a in acertain way. It gives you a lot
of great things, but it alsogives you a certain mentality

(38:53):
and a certain philosophy youlike it or not.
And whether they call it aphilosophy or not, I mean, just
by the virtue of how you dostuff, I think you're gonna get
into into a certain path. Notbeing in that path or not being
in any path, to be honest, itgives you a lot of freedom. Now
it's it's your choice what youdo with that freedom, and it's
your choice what opinions youestablish and what your ideas

(39:17):
are. But to me, that that wasalmost like a sacred thing.
Like, I I, look, I listen and Iread and I see everything that's
happening.
In cybersecurity, outside ofcybersecurity, you know, I I got
other hobbies. You know, I findneuroscience fascinating, and I
sit on the board of trustees ofPalo Alto University for mental
health. And I love quantumphysics, and I spend a lot of my

(39:40):
free time in just readingresearch there. But what I found
from these disciplines, by theway, and I would say quantum
physics more than anything, isreally the importance of freedom
of thought and and really beingnot tainted by the many, many
dogmas that we have throughoutour lifetime. The less you put
yourself or kind of adhereimmediately to found these

(40:02):
boxes, I think the more open youare to just contemplate
whatever.
And and I think sometimes thatwhatever looks crazy to some
people, but it's only crazyuntil you do it and until you
prove it's successful.

So, Tomer, the first few years are still a
grind for you. You know, youwere the only salesperson at
Central One for the first threeyears. You're not from 8200, so
no VC wants to talk to you onSandal Road. Help us understand
what those two, three years werelike for you. You also touched
on mental health.
You know, this is an incrediblytough journey, lonesome journey

(40:34):
for a founder. And then alsogive us some insights into how
you snagged your first investor,snagged your first customer, and
give us some inspiration there.

Yeah. Look. I mean, I I was just dissing,
like, Sandel. Right? I mean,eventually, you know, we had
Excel invest in us, and, youknow, we had some really, really
great really great investorsfrom the seed level and and ever
since, I mean, all the T Rayswere investors.
You know? Xcel invested andSequoia invested and Insight
invested, and I'm probablyforgetting in Redpoint and some

(41:05):
really amazing investors alongthe road in Thirdpoint and many
many others. I think I've raisedprobably close to a billion
dollar pre IPO and then anotherbillion 0.4 post IPO. I never
thought of myself as asalesperson. Like, I I do not
sell things.
I don't think I ever, like,closed the deal or, like, made
terms. You know, I show up and,you know, I I speak about, like,

(41:28):
what our product can do and whatI think it can do for for the
customer more than anythingelse. And, you know, and I
listen and I find ways, youknow, on how we can be helpful
to customers. And that's largelywhat I've done also in the
initial stages, and it was itwas challenging. It was
challenging because, you know,I've never done it before, to be
honest, especially now kind ofat the enterprise level, you

(41:48):
know, that that we're doing ittoday.
So it was it was very foreign tome, and I'm and I'm a very
straightforward person. Like, Icome into these conversations,
and I kind of call it like itis. You know? Right? I mean, I'm
not trying to go through theplaybook process of how you do,
you know, enterprise selling ina competitive environment.
Right? Like, I don't care aboutthat. I don't come in and start

(42:12):
bad mouthing the competition anddo all that stuff. I come in
and, you know, I talk abouttechnology. That's what I know
what to do how to do.
And I think eventually, youknow, the main thing with kind
of the VCs were just to helpthem see the opportunity and
help them get more conviction inthe technological direction that

(42:33):
we have. Because as you canimagine, I mean, it's not
something that's verystraightforward to explain, and
many, many folks that are notdeeply technical will understand
it. Sadly enough, I rememberback then, like, a lot of VCs
would send you to experts, allkinds of different experts from
many, many different kinds. Someof them will end up being your
competition. So you can imaginewhat type of advice they're

(42:55):
gonna give back to the VCs.
I mean, you know, if one of yourexpert is, like, I don't know, I
mean, what would he say? Oh,that stuff, it doesn't work. I
mean, don't don't invest in it.Of course. So you can imagine
the world is a very interestingplace, you know, and the and the
dynamics are you know, Sid, youyou know that you know that
stuff pretty well.
Right? So to me, I was justreally just focused on getting

(43:17):
people to understand thetechnology. And I failed many,
many times. Right? I mean, Ithink I got, like, hundreds of
no's, you know, throughout thisprocess as as any entrepreneur
gets.
But I think, you know, therethere were some great funds that
eventually saw what, you know,what the art of the possible
would be, and they believed inus. And, you know, I'm I'm very
grateful for that. I mean, theythey helped us kind of come off

(43:38):
the ground really, reallyquickly. You know, I remember I
was trying to raise, like, amillion dollars and, you know, I
ended up with, like, $500,000worth of seed. And it's probably
one of the happiest moments inmy life was just the realization
that somebody's giving me allthat money to go and build
something totally new, totallyfresh, and I think that was,

(43:59):
like, a real magical moment.
But, you know, the moment youget a little bit of traction
there and and people start tosee, like, okay. There's a major
opportunity here. Technologyactually works, at least even
conceptually into the future,then I think the thing you know,
things become slight slightlyeasier. I would never call it
easy. It is a very tough journeymentally.

(44:22):
There's no question about it.Like, again, you know, you
opened we we opened and wetalked about, hey. You know,
there's lot of bad stuff that'shappening. Let's talk about the
bad stuff. We didn't talk a lotabout the bad stuff.
But you can imagine that inevery part of the story of this
journey, there's constantly badstuff happening. There's not a
day that progresses withoutsomething that that you're gonna

(44:44):
have to deal with, change,improve, optimize. It's just
part of the journey. And I thinkif people have this expectation
that they go into any of thesestartups to kind of stand alone
company journeys going after thebiggest market forces that you
have, is gonna be a an insaneroller coaster. And and, you

(45:06):
know, the highs, the lows, theysometimes come together.
Right? I mean, it's you don'teven in nature, I'm not sure you
have something to describe. It'snot a roller coaster. There's no
roller coaster that goes up anddown at the same time. I mean,
that would be just crazy, butthat's the reality of what you,
you know, you have to deal with.
And you have to be also maybe atiny bit crazy. I mean, if
you're going after Microsoft andthen you're kind of saying, you

(45:28):
know, I'm building somethingthat is better than the biggest
company in the world or one ofthe or second biggest company in
the world, and I'm buildingsomething better than the
biggest cybersecurity company inthe world, and I'm biggest sign
I'm building something betterthan the second biggest
cybersecurity company in theworld, and these are my
competitors. And to date, ourwin rates, our success, our

(45:48):
growth still triumphs, which iscrazy. I mean, throughout all
these market conditions,throughout inflation, throughout
a bubble burst, throughout, youknow, zero interest to mega
interest, throughout tariff day,throughout all of these things
that ensue. We've been growingjust in a very, very amazing

(46:11):
way, one of the fastest growing,you know, companies on the
public markets.
Really grateful for, you know,the resilience of our people
and, you know, how they carrythemselves, like, throughout all
these different gyrations andknowing that, you know, no no
day is gonna be just a supereasy day when we're all just
relaxed and, you know,everything is fine. That's not
cybersecurity. Maybe other partsof software, but not not

(46:31):
cybersecurity.

And probably not startups in general. So in at
Sentinel as SentinelOne scaledfrom a scrappy start up to a
public company, how did yourrole and how did your leadership
style evolve? Look looking backat the time when you were
writing code and then goingforward to the time when the
company went public in midtwenty twenty twenty one at

(46:54):
around 15,000,000,000 valuation,a lot has changed. Are there any
lessons on hiring leaders orshaping culture that you would
be willing to share?

I think the the biggest thing is that your
leadership has to change all thetime. Like, if somebody thinks
that you start as a leader andthat is it and you got it and
now, you know, you run with itall day long, it's just not the
case. I mean, it wasn't the casefor me. I think I was a very
different leader early on. Maybethat's what was called for also.

(47:23):
I think I was much moremilitaristic, I would say, in in
kind of my my style, and I wasmuch more hard driving and, you
know, I I would just punchthrough punch through walls.
Maybe not very pleasant to workwith. I think a lot of people
were just generally quite scaredto interact with me in any way,
shape, or form, which eventuallyled to problems, have to say.

(47:46):
Like, people just couldn't cometo me with issues even that at
some point I kind of realized,okay. I mean, this this is not
the way.
I mean, I'm not this is notyielding what I needed to yield,
so there there need to be adifferent way. But I think a lot
of it revolves around yourleadership team as well and kind
of how, you know, how you buildand who who are the people you

(48:07):
surround yourself with. I thinkfor me, the biggest learnings
are were maybe still are kind ofdealing with compromise, knowing
that many, many decisions thatyou're gonna take are gonna be
great for one thing, but acompromise for some other thing.
And and I think you have toreally decide, like, what's more

(48:29):
important to you at the givenmoment. And, you know, sometimes
we make decisions to solve forthe here and now, and we know
that it's something that may notscale later and may cause other
issues later.
How do you look at thesedecisions, I think, are are kind
of constantly probably the mostchallenging points for for any
leader, the short term versusthe long term. I've learned, I

(48:52):
think, very early on to testmyself time and time again. So
literally to write down decisionpoints and what I've decided and
look back after three months orfive months or six months kind
of back into, okay. So I tookthis decision. Did I get what I
wanted to get?
And did I get to the vector? DidI get to the progress? Am I am I

(49:13):
on the right path? And as I sawthat these are converging more
and more and more and more atreally high percentages, then
you can just run with it much,much faster because you know
you're you're kind of taking theright decisions. But sometimes
you need that calibration toknow that you're just not
running with, like, imaginarydecisions that everything is

(49:33):
going well.
And I think the the biggestthing that I think is also very
different with Central One isthat we we're very much kind of
a different corporation. Like,we we are now a public company,
you know, kind of close to abillion dollar in scale for
revenue, which is close to 10times where we were at IPO
revenue wise, which is reallycrazy to think. IPO We was, a

(49:54):
$100,000,000 four years ago, soit, you know, it's been it's
been a journey. But but I thinkthe main thing is that we are
still laser focused on justdoing the right thing. I mean,
we're we're very focused oncustomers, very focused on
building technology, veryfocused on making the world more
secure.
And and we truly believe thateverything else is gonna

(50:16):
eventually, you know, kind ofalign as long as we stick to our
mission. And thus, you know, wedon't maybe spend as much time
in, like, overarching marketingand and all that stuff. And a
lot of the things that you seein cybersecurity today, which
I've seen for years, but but Ithink have just become more and

(50:38):
more accentuated, is the factthat given the state of
confusion, I think just lack ofclarity for customers in general
as to what comes next,Cybersecurity vendors always had
and now even more have thisability to basically throw a
narrative out there that fitswith their product portfolio and

(51:01):
get people to consume. And andsometimes it's in complete
detachment from the actualcapabilities, what's coming, is
it gonna scale for another year.It doesn't really matter the
power of the narrative, thepower of marketing, the power of
these machines, the power of thelocked customer base.
If you've already amassed, let'ssay, you know, 50,000 customers,

(51:26):
your ability to just put morestuff through that grinder and
sell more is sometimes, again,in complete disconnect from what
these customers actually need.And in many cases, they might
not even uncover what they needbecause they're locked in that
narrative bubble for whatevervendor is currently kind of

(51:46):
owning the relationship, youknow, top of mind for them or
whatnot. So to me, that'sprobably one of the most
challenging things is I don'twanna sell what my competitor is
selling. I wanna sell what Ibelieve is gonna make the
customer the most secure. So thework here is kind of it's double
factor.
It's not only building betteroutcomes and better
technologies. It's also, Ithink, describing to customers

(52:11):
what security could look likewithout the constraints of the
current stories that they'rehearing from vendor a or vendor
b or vendor c that just made ablockbuster acquisition, and
they gotta push more of thatstuff into their environments
with no apparent synergisticcustomer value.

Thank you, Tomer. I think you talked about
the importance of building asolid product and then also
being able to get the customerto shift from a state of inertia
or being in a locked state withexisting vendors to look at
something new. There is a thirddimension here which sort of
falls into, I would say, themacro or outside the direct
control of your domain, andthat's the stock market. Yes.

(52:53):
Central One is a publicly tradedcompany, and it's growing
steadily.
You know, you have done 10x infour years, you know, going from
100,000,000 to now approaching abillion dollars in ARR. But then
you look at the stock market,and a lot of people would judge
a company based on market cap ormultiples. And there is certain

(53:17):
abstract randomness to that, andthere is certain rationality to
that. How do you see this? Andshare with us some of your both
frustrations as well as yourviews of of this world.

Yeah. Look. I mean, I think it's very, very
clear that how valuableSentinelOne is and what
SentinelOne does in its placeand its customer base and its
revenues and its growth and itsfree cash flow and all of that
is now standing in completedisconnect to the company's
market evaluation. I'm not gonnabe this is not this is an SEC

(53:51):
approved statement because it'sjust plain to see. Right?
I mean, there's nothing herethat I'm saying that is crazy.
With that, everything you saidis also true. Right? I mean,
people in in our world, so aspart of that marketing and
narrative and with the help ofhow other vendors would help
position SentinelOne. Right?
I mean, they would point tothat. Obviously, their market

(54:12):
cap implies that the company iswhatever. Right? And and it's
just not the case. Like, the themarket cap doesn't affect our
technology.
The market cap doesn't affectour service level to customers.
And if you look at any thirdparty at the station, it clearly
doesn't affect the efficacy, youknow, of our products versus the

(54:32):
competition. Like, we literallylead in every perspective from
endpoint to what our SIEMsolution can do. Our SIM
solution is one of the only onesthat is real time in this space.
I mean, it's just it's mindblowing why people switch to
other SIMs right now wherethey're just moving from one SIM
to a different SIM becausesomebody's advertising.
I don't even know what they'readvertising to get these people

(54:54):
to move, but it's better pricingat the end of the day. But but
when you think about ourcapability set, again, all of
that stands in complete contrastto to our market valuation. So
that's definitely frustrating.Right? It's frustrating to me as
the biggest individualshareholder, you know, in in the
company as you can imagine.
And it's it's frustrating for meas the CEO and, you know,

(55:15):
looking at the morale of ourpeople that know that they're
doing something that's probablyworth, you know, much, much
more, but it's not beingreflected. But, also, I think we
have to remember that we haveresponsibility here for that as
well. Right? I mean, we we hadsome quarters where we were not
consistent enough. And, youknow, we've made we set a very

(55:36):
ambitious growth goals forourselves, and we fell short of
them.
And I think the public marketexpect a certain mode of
operation on a quarterly basis.Now if you ask me, I mean, the
quarter based system, is it thebest way to run a company? I
would probably say no. It'sdefinitely not that. And then
the interesting part is that ifyou zoom out and look at

(55:59):
CenterOne's performance on ayearly basis since IPO, it's
practically second to none.
Inside the years, I mean, youget all kinds of different
gyrations, and I think this iswhere investors, you are looking
rightfully so at the system thatworked for many, many, many
generations now, which is thepublic market. And if you're on
the public market, you need toplay by the rules of the public

(56:21):
market. And I think that's thething that we just need to to do
better, but I'm not gonnasacrifice the strategy we have
and what we need to do and thechange that we need to
undertake, especially in thisbrave new world that we're at
just for satisfying a quarterlytarget. I'm much more focused on

(56:44):
the long term. I know it'spainful right now for me, for,
you know, our shareholders, andwe're obviously working in
tandem to get to a point whereour value is much more
reflective to who SynthemOne isand and our revenue scale and so
forth.
But, again, it's not it's notpriority number one. It it's
never gonna be priority numberone. And I sincerely believe

(57:06):
that, you know, it's just aquestion of time until that
aligns back to where it needs tobe. And it's incumbent upon us
to show more consistency, andit's incumbent upon us to come
in and set reasonable goals forourselves and then show the
market that we can execute tothem and give people the
predictability that they want ona quarterly basis. I think on a
on a on a yearly basis, youknow, show me a better company,

(57:27):
but people just don't look atthat.

That's a great way to put it. And for what it's
worth, we at Foundation Capitalare SentinelOne customers. So on
this agent right now as we'respeaking, I I always remind our
team. I'm like, know, if youhave an issue, I'll just call
Tober on this topic. Let's talka little bit about strategy and
company strategy at scale.

(57:49):
So very recently, you announcedthat you're acquiring Prompt
Security, which for ourlisteners, if they don't know,
it's a startup focused onprotecting companies from Gen AI
risk, which is a new andemerging risk. Why was Prompt
the acquisition that you feltyou know, this was an era you
wanted to buy versus build? Andbroadly, how do you think about

(58:09):
buy versus build, particularlyas SentinelOne has expanded from
that endpoint business over tocloud, over to data analytics,
over to identity protection.You've gone into these different
areas. How do you think how doyou weigh buy versus build in in
in those conversations?

Look. I I think more broadly, we kind of
split our platform capabilitiesin two. I mean, ones that we
believe are super strategic mustwin and ones that are we just
wanna give better service forour customers and we want to
have the services under underthe umbrella. And and we believe
we have table stakes capabilityat minimum, sometimes even

(58:47):
better than some of the leadersin the space. So it's kind of
split in two.
For prompt, you know, and withevery acquisition that we do, we
POC pretty much everybody, andwe talk to everybody in this
space. Like, we got a tremendoustap into the startup, not only
startup, you know, scalecompanies, all of it, public

(59:08):
companies. Like, we'reconstantly keeping tabs on
everybody, honestly. I mean,there's there's a lot of
acquisitions here that wecontemplate and, you know, we
put on back into the drawer. Butwhen we see, I think, a market
opportunity as big as the onethat we now have the ability to
serve with Prompt, then, youknow, we kind of take into

(59:30):
consideration, I think, chieflytime to market and competitive
differentiation.
And in essence, you can buildanything. Right? I mean,
especially now, you know, whenyou got cloud code, you can vibe
code anything you want. I'm justkidding. But but at the end of
the day, it's gonna take time.
And standing up teams is gonnatake more time, and shifting

(59:51):
focus is is more time.Everything is time at the end of
the day. That to me is, like,the the ultimate currency. And
then kind of looked at the worldof of possible solutions or
trying to address what I thinkwhat I can only describe is the
crisis that enterprises havetoday in allowing their
employees to use GenAI productssafely. And the genie is out of

(01:00:15):
the bottle.
It's there. It's in theenvironment. Everybody's trying
to find ways to regulate usage,I would say, unsuccessfully, at
least from everything that we'reseeing. Very little customers
have had, like, the rightcontrols in place. Most of them,
they try to block it and, youknow, go to the firewall, set up
some rules, block the traffic,half successful.

(01:00:38):
Others, you know, they're tryingto block it in the browser.
Great. I mean, what about allthe other endpoint, the rest of
the endpoint? So there'sdefinitely, you know, a huge
pool in the market. And then welooked at all these companies
that claim to do something in inthat domain, ones that are more
focused in model protection, onemore in employee protection.
And, honestly, I mean, veryquickly, you get to, like, an n

(01:00:59):
of one with a company that took,like, more of a a DLP approach
on the endpoint thatcoincidentally, I have to say,
is also very, very complementaryto our footprint on the
endpoint. Suddenly, you findthis very interesting, you know,
synergy both in terms ofapproach and in terms of
relevance to what we do today onour endpoint fleet. And and I

(01:01:24):
think then you just talk tocustomers. And when you talk to
customers and the conversationsare very short, very precise,
and customers get very excited,and I have to tell you, it
doesn't happen all the time. Itdoesn't happen to with every
product.
Doesn't happen with everyacquisition. Let's be fair about
it. But when you see it there, Imean, that's a huge indication

(01:01:45):
that, you know, you need toprobably move to do something in
the field. And when you validatethe approach, I think it kind of
zeros in more on the company.And then you kind of say,
there's nobody else that's doingit in this fashion.
So also in terms of, like,competitive advantage
competitive advantage,competitive differentiation,
this looks pretty good to me.You vet the team. I didn't know

(01:02:06):
anybody at prompt, to be honest.You know, I I got a lot of
friends all across the industry,but I knew literally no one at
at prompt. But the more we kindof worked with them through
diligence, the more we looked atthe technology, you know, we we
just got more and morecomfortable and more and more
impressed with what they can do.

(01:02:27):
And and I think this is then itbecomes, like, an easy
acquisition. I wish, like,acquisitions would be kind of as
slam dunk from all theseperspectives. I think they need
to come with a really robustintegration strategy, which, you
know, obviously, is the thingthat's gonna unlock the value
here. But, you know, all in all,it really is about market needs

(01:02:47):
and time to market. And then,obviously, the talent you're
getting, the competitivedifferentiation, I think all of
those are just incrediblyimportant.

Ross Haleliuk (01:02:56):
Thank you, Tomer. We've talked about a lot today,
and I would like our lastquestion to be around AI because
that is how it has to be in2025. There is a lot of hype
around AI. What advice do youhave for for CISOs, for
founders, for operators,investors, and everybody else
trying to make sense of thishype? And, also, where do you

(01:03:17):
believe AI will actually trulydeliver the biggest payoff in
cyber defense in the next fewyears?
And how do you think theorganizations have to prepare
for it?

Tomer Weingarten (01:03:27):
Yeah. I think it and, you know, it really is,
I think, a question that kind ofboth these questions go hand in
hand, I would say. I sincerelybelieve that at this point in
time, what CSOs, security teamsshould be focused on are first
principles and architectures.There is no solution out there
that does what it advertises.There is no solution out there

(01:03:49):
that is a silver bullet rightnow.
And the main thing you need tofocus on is how do I design my
environment right now to be asready as possible to the point
where there could be this AIsystem that can then manage my

(01:04:11):
environment, basically. So howdo you build the right controls?
How do you decouple the decisionmaking? Let's say, the brain
from the controls, Make sure youhave the right controls. Make
sure you have the right datapipelines.
Make sure you can stream data.Make sure you can orchestrate

(01:04:32):
action back. So really think inthe most generic terms even
without thinking about thesespecific, like, email security
or or network security oridentity security, it's just a
component. I mean, it's it's acomponent in a wider system, I
think that is probably the onlything that you can do right now.
If you're jumping into, oh mygod.

(01:04:54):
I've seen this agentic workflowthing that is gonna
revolutionize what I do, thenyou go and you deploy that, and
I think you get, like I can onlydescribe it as a false sense of
productivity where you get some,you know, some uplift just to
get stuck again in some otherbottleneck while the attack
landscape is not focused onminiaturizing an automatic

(01:05:19):
workflow. They're focused onasking an LLM to hack you,
period, without seven differentworkflows. So the generic way
that you see reasoning going, Ithink eventually, will see much
more broad based systems thatare able to tap in and then

(01:05:41):
really drive cybersecurity foryou. Kinda think about it as a
as a as an autopilot where youget human supervision, maybe MDR
teams in the future are justsupervisors for AI systems that
are driving everything in yourenterprise def defense. And I
think in that world, I mean,think about enterprise defense

(01:06:02):
as you got the detection, butyou also got the configuration,
which is like all the misconfigsand vulnerabilities and and all
that stuff.
And you got discovery, and thenyou got response and
orchestration and and and all ofthat. But but I really, really
think that things are gonna getat some point much more
automated, much more broadbased, going now process by

(01:06:25):
process and trying to automateworkflows. To me, that is maybe
an immediate pain relief forenvironments that are very
inflated with alerts, but it'snot it's not something that's
gonna be, like, super productivein the next, you know, twelve,
twenty four months. And and theother thing the other thing that

(01:06:46):
frustrates me honestly is that,you know, if you look like
things even like the MITREevaluation framework, when you
get different products there andyou realize very quickly that
you have products on that listthat generate 10 times,
sometimes 100 times more,literally a 100 times. I'm just
saying it.
A 100 times more alerts perintrusion, per technique, per

(01:07:09):
detection than other products.And what's happening is that
some of these vendors are comingin and they're selling you
agentic capabilities or whateverthey wanna call it to deal with
the massive alerts that theproduct is generating to begin
with. And in essence, you canjust pick a product that
generates much, much less alertswhere the AI is more embedded in

(01:07:31):
it, and then you don't need todeploy yet another thing that
shows you this magic ofminimizing these alerts. So
these are just some of thenuances that that you see today.
But, look, I mean, there there'sall gains to be had.
There's a real problem right nowwith production grade systems.
So I think there's a lot ofbeautiful stuff that works in

(01:07:51):
theory. Really amazing stuff. Inour labs, I can show you things
that, you know, it's gonna blowyour mind what it can do. It's
truly mesmerizing, amazing,scary, all of the above.
The distance between what it'sdoing into getting it into a
production environment isnontrivial by by any degree,

(01:08:12):
maybe impossible with thecurrent state of the art. So I
just think that the horizon isthe one unknown to all of us,
and that's where, you know, ifif people think the horizon is
too far, they gravitate to thecapabilities of the now. But if
the horizon is closer than that,then sometimes you're just
wasting time and money andeffort to do something that

(01:08:33):
you'll throw away, you know, inin a in a quarter or two or in a
year. And I think we've seenalready a cycle like that in
generative AI with a year agowith, like, the chatbots and the
copilots. And, you know,everybody was like, oh my god.
This is it. Let's do it. Satyais telling me it's, you know, a
100 times more productivity. Ijust need to get to Office three

(01:08:55):
six five and the e five license.We're gonna be the most
productive company in the world.
Well, apparently not. And now,like, who cares about that?
Right? I mean, we're not eventalking about that. So we really
have to always kind of fight ourown inclination to go with the
trends.
It's like even at the age ofTikTok, I think it's even more
exacerbated where you you got atrend, and it could be, like,

(01:09:19):
momentary and it can drop. Itcan be like this, but
eventually, it's just a trend. Imean, it's it's not much more
than that in many cases.

Mahendra Ramsinghani (01:09:27):
Tomer, this has been a fascinating
journey. And, you know, as wethink about your persona, the
best thing that comes to ourmind is that you are a classic
example of the wartime CEO who'sworking really, really hard to
become a peacetime CEO. Youknow, you talked about your self
awareness and how you writethings down. You talked about

(01:09:47):
the fact that people wanna cometo you and they should not fear
of you and how you're buildingyour own journey as a leader in
that journey. And I feel likethe world definitely needs more
CEOs like you.
You know, you help make thisworld a safer place with with
the work you do. You know, youtalked about looking for
trouble. We hope more peoplelike you go looking for this

(01:10:10):
kind of trouble where the worldbecomes better. You talked about
staying uncorrupted by riches, avery rare attribute because the
vast majority would, I don'tknow, go to Vegas, get drunk,
and and lose their stuff. So wehope that you stay uncorrupted,
and you stay true to who you areas a person who's constantly
growing and constantly helpingothers.
So thank you for your time.

Tomer Weingarten (01:10:31):
Thank you. Really, really appreciate it.

Sid Trivedi (01:10:34):
Thank you for joining us Inside the Network.

Ross Haleliuk (01:10:37):
If you like this episode, please leave us a
review and share it with others.

Mahendra Ramsinghani (01:10:42):
If you really, really liked it and you
have some feedback for us, wrapit on a bottle of Yamazaki and
send it to me first.

Sid Trivedi (01:10:52):
No. Don't do that. Mahendra gets too many gifts
already. Please reach out byemail or LinkedIn.

All Episodes

Episode Transcript

Popular Podcasts

Las Culturistas with Matt Rogers and Bowen Yang

Crime Junkie

The Brothers Ortiz

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}Tomer Weingarten: From cyber outsider to building SentinelOne into a $1B ARR category leader

Episode Transcript

Popular Podcasts

.css-r6mb8g{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:1;overflow:hidden;}Las Culturistas with Matt Rogers and Bowen Yang

Crime Junkie

The Brothers Ortiz

All Episodes

Tomer Weingarten: From cyber outsider to building SentinelOne into a $1B ARR category leader

Las Culturistas with Matt Rogers and Bowen Yang