SentinelOne

Next-Generation Endpoint Protection


Next generation endpoint protection is here. SentinelOne solutions stop advanced malware and deliver real-time endpoint forensics to provide comprehensive protection of Windows, OS X, and mobile devices.

 

Next Generation Endpoint Protection

Organizations have traditionally relied on static methods to protect corporate endpoints (desktops, laptops, and servers) from malware attacks.

However, since attackers can automatically generate and tailor files per target, using static methods (including those that claim to use statistical or mathematical models) to try to determine whether a file is malicious is futile.


SentinelOne’s unique approach focuses on the actual core of malware, its behavior, which cannot change as easily as its hash or other static indicators. SentinelOne solutions profile, track, assemble a context, and identify malicious behavior in real time during malware execution, and provide full visibility of applications or processes running on endpoints. Choose the right SentinelOne solution based on your organization’s needs:

SentinelOne EDR

  • Dynamic exploit detection – anti-exploit capabilities detect and prevent application and memory-based exploits based on the techniques themselves without relying on static measures.
  • Dynamic execution inspection – continuously monitors endpoints to detect unknown threats.
  • Real-time forensics – graphical reports deliver sandbox-equivalent investigative capabilities generated during attacks.
  • Automated mitigation – fully automates remediation and threat removal.
  • Auto Immune – instantly shares new threat intelligence across endpoints to prevent reinfection.
  • Whitelisting – easily specify safe apps and instantly blacklist malicious ones.
  • Seamless integration – offload indicators using industry-standard formats (CEF, STIX, OpenIOC) to seamlessly integrate with SIEMs, firewalls, and leading network security solutions.
  • Works with existing corporate AV – rapidly deploy alongside leading corporate antivirus solutions.
  • Cloud intelligence – leverages up-to-the-minute cloud intelligence and select reputation services to proactively block known threats.
  • Remediation – restores endpoints to a trusted state, effectively reversing malware-driven modifications.

    Fully Automated cross-platform security

  • Monitors activity at all times without slowing performance.

  • Detects, predicts, blocks, and removes threats in real time.

  • Lowers costs with a faster, fully automated threat response.

  • Correlates and shares threat data to improve security.

  • Supports all major platforms to ensure universal protection.


Endpoint Detection and Response


SentinelOne EDR stops advanced threats and zero-day attacks to help enterprises augment existing protection of endpoints.
With dynamic execution inspection, SentinelOne EDR detects advanced threats, provides automated mitigation, and generates real-time forensics.
SentinelOne EDR co-exists with leading traditional corporate endpoint protection solutions, and supports multiple endpoint platforms (desktops, servers, and mobile devices).

Key Features

  • Dynamic Exploit Detection
    Includes anti-exploit capabilities to detect and prevent application and memory-based exploits based on the techniques themselves (e.g., heap spraying, stack pivots, ROP attacks, and memory permission modifications) without relying on static measures (e.g., shellcode scanning).
  • Dynamic Malware Detection
    Full system monitoring detects and blocks zero-day threats and advanced malware using an execution inspection engine.
  • Mitigation
    Mitigation actions can be performed manually or fully automated depending on the policy configured.
  • Autonomous agent
    Fully autonomous agent protects endpoints outside the corporate network, regardless of whether they are online or offline, without the need to offload data for centralized analysis or decision making.
  • Forensics
    Real-time binary and endpoint analysis and investigative capabilities generate intuitive reports during attacks.
  • Cross platform
    Monitor and protect endpoints across multiple OS platforms (Windows, OS X, Android, Linux*, iOS*) from a single console.
    * Coming soon

Protects

  • Windows and OS X desktops/servers
  • Mobile devices (Android and iOS)
  • Critical infrastructure (e.g., SCADA)
  • Embedded systems (e.g., point-of-sale)

System Requirements

Operating systems: Windows 7, 8, 8.1, Windows Server 2008 R2, 2012 R2, OS X 10.8.4 or later, 10.9.x, 10.10

Virtual environments: vSphere, Microsoft Hyper-V, Citrix Xen Server, Xen Desktop, Xen App

Hardware: 1 GHz Dual-core CPU or better, 1GB RAM or higher if required by OS (recommended 2 GB), 1 GB free disk space

Management Server: Available as Cloud or On-premise deployment.

Comparison of SentinelOne EDR and Others

Compared against: Anti Exploit, Sandbox, AV, Firewall

  • Threat Vector: Targeted Attacks, Exploit, Drive by, Social, Physical, Zero Day, Phishing
  • Features: Predictive Execution Inspection, Passive Scanning, Real Time Mitigation, Real Time Forensic, Endpoint Remote Control, Lightweight, Unlimited Throughput, Off Network / Off-line
  • Platforms: Win 32, Win 64, OS-X, Android

Legend: Yes, No, Partial

Full Cycle of Protection
From Detection to Prevention

With the addition of cloud intelligence and whitelisting capabilities, SentinelOne Endpoint Detection and Response (EDR) delivers a full cycle of protection against known and unknown threats, from detection to prevention. Cloud intelligence proactively blocks known threats, while unknown threats are detected based on their behavior and automatically mitigated.

  • Automated Defense Powered By Cloud Intelligence

    Our proactive defense system is fully automated and removes malware without delay. Since we leverage cloud intelligence to scan for threats, there is no update maintenance or performance impact. Lightweight, intuitive, and fast, SentinelOne EDR outmaneuvers even the most advanced threats.

  • Faster Detection, Dynamic Prediction

    SentinelOne EDR made a giant leap in security innovation with the ability to accurately predict an attack sequence. Our prediction engine focuses on threats and how they behave, allowing us to detect, predict, and block threats – instantly. It’s a full cycle of protection designed to keep your business safe.

  • Dynamic Prediction

    SentinelOne EDR is the first and only solution to predict the attack sequence—a giant leap in security innovation. The predictive execution inspection engine determines what the threat is likely to do next, based on attack patterns, malware techniques, and up-to-the-minute crowdsourced threat intelligence. With dynamic behavioral patterning, SentinelOne security is able to sort, optimize, and match the type of attack with superior accuracy.

  • Redefines AV Scanning

    SentinelOne EDR leverages the cloud intelligence of over 40 scan engines and leading reputation services to detect and proactively block known threats. This unique passive scan feature provides wider protection coverage, and since the scanning occurs in the cloud, there is zero update maintenance, and no performance impact.

  • Full Remediation

    SentinelOne EDR goes the full distance, automating remediation and threat removal. By rapidly responding to active malware infections, it reduces dwell times and minimizes damage. Other EDR products will just alert you to a new attack and provide recommendations on how you might be able to block and remove the malware yourself. This will significantly add to your costs in terms of prolonged data theft and administrative overhead.

  • Hacker Proof

    SentinelOne EDR is immune to evasion techniques used to bypass network security because our core detection engine runs on the endpoint, the attacker’s target. It sees what is happening on your device and responds based on dynamic real-time data versus static signatures, IOCs, or whitelists. It doesn’t need prior knowledge of a specific binary to block an attack, making it the first true defense against one-of-a-kind advanced threats and targeted attacks.

  • No Delays

    A thin client runs on every endpoint without slowing performance. Unlike high-volume antivirus scans that interrupt system processes, our agent simply observes, trailing the processes, not delaying them. SentinelOne EDR is also fully distributed, since each endpoint is secured by its own client. This turns every endpoint into a detection sensor, improving protection and eliminating throughput issues, a common problem with network-based security.

  • Low Maintenance

    Every step is automated—to speed response times, minimize damage, and reduce administration. All infections are signed, pushed to your endpoints, and shared with the crowdsourced SentinelOne community. This intelligent, built-in response chain minimizes the time and cost to manage security across all endpoints, local and remote. A central management console and real-time reports give you full visibility and forensic tools, accessible from any device, anywhere.

  • Custom Fit

    SentinelOne EDR ensures universal protection across all endpoints on Windows, OS X, iOS, Android, and Linux. Our IT pros install and configure the agents for you so security is optimized for each IT environment. The management console gives comprehensive real-time visibility that’s accessible from any device, anywhere.


Endpoint Protection Platform




Elevate endpoint protection beyond just AV: next generation endpoint protection is here. Replace your AV with SentinelOne EPP, an innovative enterprise solution that delivers a complete suite of protection against targeted attacks, advanced threats, and zero day attacks by tracking malicious behavior, in real time, across multiple endpoints. It’s a next generation defense in a new era of threats.

Key Features

  • Prevention

    Prevents known in-the-wild threats by leveraging up to the minute cloud intelligence and select reputation services to proactively block threats before they can execute on endpoints.

  • Dynamic Exploit Detection
    Prevents attacks using memory and app exploits by detecting the actual exploit techniques (e.g., heap spraying, stack pivots, ROP attacks, and memory permission modifications) and not relying on static measures like shellcode scanning.
  • Dynamic Malware Detection
    Stops targeted and zero day attacks through real-time monitoring and analysis, combined with the ability to inspect execution and assemble true execution context without the need for static measures. Monitoring and analysis of application and process behavior occurs at low-level instrumentation of OS activities and operations, including memory, disk, registry, network, and more. The ability to inspect and assemble the true execution context is critical to stop attackers since they have learned to take advantage of hooking into system processes and benign applications.
  • Mitigation

    Beyond just detection, manual or fully automated mitigation options can be configured via policy and include various actions such as: killing malicious processes, quarantining infected machines or even completely shutting them down.

  • Remediation
    Restores endpoints to a trusted state – effectively reversing any malware driven modifications.
  • Forensics
    Media-rich reports during attacks track malicious activity and provide clear visibility in a timely manner so security staff can communicate across the organization and make better decisions.
  • Single Solution, Multiple Platforms
    Provides a single, comprehensive solution to protect endpoints across multiple OS platforms (Windows, OS X, Android, Linux*, iOS*).
    * Coming soon
  • Always on protection

    Provides continuous protection of endpoints via an autonomous agent that instantly analyzes and stops threats without the need to offload any data, regardless of whether endpoints are on or off the network or connected to the Internet.

Protects

  • Windows and OS X desktops/servers
  • Mobile devices (Android and iOS)
  • Critical infrastructure (e.g., SCADA)
  • Embedded systems (e.g., point-of-sale)

System Requirements

Operating systems: Windows 7, 8, 8.1, Windows Server 2008 R2, 2012 R2, OS X 10.8.4 or later, 10.9.x, 10.10

Virtual environments: vSphere, Microsoft Hyper-V, Citrix Xen Server, Xen Desktop, Xen App

Hardware: 1 GHz Dual-core CPU or better, 1GB RAM or higher if required by OS (recommended 2 GB), 1 GB free disk space

Management Server: Available as Cloud or On-premise deployment.

Next Generation Endpoint Protection

Rethink your Enterprise Security. Stop advanced attacks in real time with a full cycle of protection across multiple platforms.

 

Endpoint Detection & Response

SentinelOne EDR stops advanced threats and provides real-time forensics across multiple platforms.

Endpoint Protection Platform

SentinelOne EPP combines EDR and endpoint protection functionality into one solution.
