SentinelOne’s core value is summarized as a proven ability to keep unauthorized, destructive code out of your environment while providing detailed “what if” searching capabilities for hunters and responders, all in one agent. The SentinelOne platform unifies prevention (EPP), detection & response (ActiveEDR), fast recovery, incident response, threat hunting, and security suite features into a single-agent solution for modern Windows, legacy Windows, Mac, and Linux. Customers use SentinelOne to protect user workstations and servers running natively, within VDI infrastructure, or in the cloud. Though SentinelOne is primarily a SaaS solution with data centers situated within AWS on three continents (North America, Europe, and Asia), an on-premises management solution is also offered for customers with closed networks. Our solution offers protection, visibility, simplicity, and automation for all business or governmental organizations.
We offer support for all modern Windows operating systems, legacy Windows, macOS/OS X, and many Linux distributions. Agent policies are simple and straightforward. SentinelOne also focuses on saving our customers time through automation. For example, strong prevention and detection within one agent is complemented by a menu of responses (alert, contain, kill, quarantine, remediate and reverse unwanted system changes, and finally Windows rollback). Our ~300 2-way RESTful APIs enable customers to integrate SentinelOne with other security stack components. All of these features contribute to deeper protections, machine-speed responses, and a simpler management experience for SOC teams.
SentinelOne provides a complete endpoint solution in one platform that delivers these high-level capabilities:
Prevention: Delivered using pre-execution Static AI technologies that replace signatures. Used to detect file-based malware in PE, PDF, and Microsoft Office files.
Detection: Delivered using on-execution Behavioral AI technologies that detect anomalous actions in real time at the endpoint without cloud reliance. Used to detect fileless attacks, exploits, bad macros, evil scripts, cryptominers, ransomware and other attacks.
Response: Delivered in milliseconds to shut down attacks, thereby reducing dwell time to near zero. Includes alert, kill, quarantine, and network containment.
Recovery: One-click reversal (remediation) of unwanted changes, Windows rollback to recover data, remote shell.
Hunting: Delivered as a supplement to Prevention/Detection/Response for organizations that need advanced IoC and artifact hunting capability.
IoT: Get visibility into any IP-connected device. Unveils device metadata such as Device Type, Operating System, IP Address, MAC Address, Manufacturer, Open Ports, and more. Manage and protect those devices from the same endpoint agent.