In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down their recent report detailing how these adversaries—some believed to be backed by China and North Korea—are targeting SentinelOne to gain insight into how thousands of environments are protected.
We explore how these campaigns go beyond passive espionage. From elaborate social engineering to credential theft, adversaries are trying to infiltrate SentinelOne’s systems directly, including through fake job applications from North Korean IT operatives. We also discuss the implications of this disclosure: why SentinelOne chose to speak out, what it means for the rest of the cybersecurity industry, and what businesses should learn from this level of transparency.
This is not just a story about cyberattacks—it’s about trust, vendor risk, and the growing reality that even the protectors need protecting.
