SentinelOne


Select this SKU for access to the SentinelOne Complete, SentinelOne Control, and SentinelOne Core packages. SentinelOne provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics. Please note that SentinelOne Control is only available to net new customers at this time.

SentinelOne Core has all endpoint security essential features in place, including prevention, detection, and response. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics.

The innovative security solution offers broad protection against diverse modes of attack, including:

Malware

Executables - Trojans, malware, worms, backdoors, payload-based
Fileless - Memory-only malware, no-disk-based indicators

Exploits

Documents - Exploits rooted in Office documents, Adobe files, macros, spear-phishing emails
Browser - Drive-by downloads, Flash, Java, JavaScript, VBS, IFrame/HTML5, plug-ins

Live/Insider

Scripts - PowerShell, WMI, PowerSploit, VBS
Credentials - Mimikatz, credentials scraping, tokens

SentinelOne Core delivers multi-layered AI-powered endpoint protection, with Static AI pre-execution protection for known and unknown file-based malware, and Behavioral AI agent-side behavioral monitoring that covers any attack vector, including unknown exploits and bypass attempts of traditional anti-virus.

The Behavioral AI engine is built to detect and mitigate malicious code and scripts in documents and is capable of detecting fileless attacks and exploits. Lateral Movement uses Behavioral AI to discover attempts coming from another device over the network.

SentinelOne Core offers attack remediation, cleaning all artifacts of a malicious attempt, including registry, scheduled tasks and more, while Rollback Revert returns an endpoint to its pre-infected state. Upon detection, SentinelOne can immediately stop lateral threat spread cold by disconnecting the infected endpoint from the network while still maintaining the agent’s connection to the management console.

SentinelOne Core includes basic EDR/Threat Hunting, which provides the ability to search for attack indicators, investigate existing incidents, perform file integrity monitoring, and root out hidden threats. It includes an Attack Storyline, a visual diagram representing an execution flow, helping IR teams to quickly evaluate the impact of any threat.

In addition, Device Control enables you to apply policy and control USB and peripheral devices connected to your assets.

SentinelOne Control builds on all the features of SentinelOne Core and adds desired security suite features like device control and endpoint firewall control. It also adds full remote shell execution to ease IT overhead and provide uncharacteristic levels of granular control for management endpoints. Control unlocks granular device hardening capabilities for USB/Bluetooth devices, on-device firewalling, visibility and vulnerability management, and secure command-line access to devices.

This robust package includes:

Device Control for policy-based control of all USB device peripherals
Firewall Control for policy-based control of network connectivity to and from assets, including location-awareness
Vulnerability Management, in addition to Application Inventory, for insight into third-party apps that have known vulnerabilities mapped to the MITRE CVE database
Full Remote Shell capability for direct endpoint access by incident responders and forensics personnel

SentinelOne Complete adds more advanced capabilities to SentinelOne Core, such as threat hunting and Deep Visibility. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics.

SentinelOne Complete includes Advanced EDR/Threat Hunting, which provides the ability to search for attack indicators, investigate existing incidents, perform file integrity monitoring, and root out hidden threats. It includes an Attack Storyline, a visual diagram representing an execution flow, helping IR teams to quickly evaluate the impact of any threat. Advanced capabilities include Deep Visibility into every event on the agent, including the ability to search for historic data, and visibility into the encrypted network traffic without pushing certificates or the need for expensive SSL appliances/blades.

In addition, SentinelOne Complete has broader Device Control capabilities, including firewall control, which enables the management of the personal firewall on your endpoints. With Complete you can also manage your disk encryption status and keys using the SentinelOne console.


Features

Single, holistic agent for PC, Mac, Linux, VDI
Multi-layered AI-powered endpoint protection
Advanced Threat Hunting and device controls
Policy-driven response to threats

Key Benefits

Enterprise-proven and easily scalable
Certified and recognized as an industry-leading solution
Helps eliminate notification fatigue

This service is billed based upon accrued usage after the close of the billing cycle.