SentinelOne

Next-Generation Endpoint Protection


Next generation endpoint protection is here. SentinelOne solutions stop advanced malware and deliver real-time endpoint forensics to provide comprehensive protection of Windows, OS X, and mobile devices.

 

Next Generation Endpoint Protection

Organizations have traditionally relied on static methods to protect corporate endpoints (desktops, laptops, and servers) from malware attacks.

However, since attackers can automatically generate and tailor files per target, using static methods to try to determine whether a file is malicious (including those that claim to use statistical or mathematical models) is futile.

Download our “Next Generation Endpoint Protection” white paper

SentinelOne’s unique approach focuses on the actual core of malware, its behavior, which cannot change as easily as its hash or other static indicators. SentinelOne solutions profile, track, assemble a context, and identify malicious behavior in real time during malware execution, and provide full visibility of applications or processes running on endpoints. Choose the right SentinelOne solution based on your organization’s needs:

SentinelOne EDR

Feature | EDR
Dynamic exploit detection – anti-exploit capabilities detect and prevent application and memory-based exploits based on the techniques themselves without relying on static measures. | yes
Dynamic execution inspection – continuously monitors endpoints to detect unknown threats. | yes
Real-time forensics – graphical reports deliver sandbox equivalent investigative capabilities generated during attacks. | yes
Automated mitigation – fully automates remediation and threat removal. | yes
Auto Immune – instantly shares new threat intelligence across endpoints to prevent reinfection. | yes
Whitelisting – easily specify safe apps and instantly blacklist malicious ones. | yes
Seamless integration – offload indicators using industry standard formats (CEF, STIX, OpenIOC) to seamlessly integrate with SIEMs, firewalls, and leading network security solutions. | yes
Works with existing corporate AV – rapidly deploy alongside leading corporate antivirus solutions. | no
Cloud intelligence – leverages up to the minute cloud intelligence and select reputation services to proactively block known threats. | yes
Remediation – restores endpoints to a trusted state, effectively reversing malware driven modifications. | yes

Fully Automated cross-platform security

  • Monitors activity at all times without slowing performance.
  • Detects, predicts, blocks, and removes threats in real time.
  • Lowers costs with a faster, fully automated threat response.
  • Correlates and shares threat data to improve security.
  • Supports all major platforms to ensure universal protection.


Endpoint Detection and Response


SentinelOne EDR stops advanced threats and zero-day attacks to help enterprises augment existing protection of endpoints.
With dynamic execution inspection, SentinelOne EDR detects advanced threats, provides automated mitigation, and generates real-time forensics.
SentinelOne EDR co-exists with leading traditional corporate endpoint protection solutions, and supports multiple endpoint platforms (desktops, servers, and mobile devices).

Testimonials

  • “With the onslaught of malicious actors deploying advanced malware and the limitations of existing antivirus software, SentinelOne is providing a critical solution to this problem. A solution that will benefit the entire industry.”

    BOX, Chief Trust Officer – Justin Somaini

  • “We’re confident with SentinelOne’s true behavioral monitoring capabilities to stop advanced threats. Our clients trust us to protect their assets which is why we’ve selected SentinelOne as a strategic security partner.”

    RKON, Director of Sales – Jeff Laurinaitis

  • “Protecting endpoint devices from increasingly sophisticated threats is a critical point of focus, since many of these can now bypass traditional signature-based security approaches. I am really impressed with SentinelOne’s ability to monitor all processes on a device, whether it is on or off the corporate network, and detect malware based on its behavior.”

    VISA, Director of Information Security – Ben Carr

  • “With SentinelOne we have achieved a better level of protection with about a 50 percent savings. It has made the organization safer and smarter about security.”

    LCRA, Chief Security Officer – Larry Whiteside

Key Features

  • Dynamic Exploit Detection
    Includes anti-exploit capabilities to detect and prevent application and memory-based exploits based on the techniques themselves (e.g., heap spraying, stack pivots, ROP attacks, and memory permission modifications) without relying on static measures (e.g., shellcode scanning).
  • Dynamic Malware Detection
    Full system monitoring detects and blocks zero-day threats and advanced malware using an execution inspection engine.
  • Mitigation
    Mitigation actions can be performed manually or fully automated depending on the policy configured.
  • Autonomous agent
    Fully autonomous agent protects endpoints outside the corporate network, whether they are online or offline, without the need to offload data for centralized analysis or decision making.
  • Forensics
    Real-time binary and endpoint analysis and investigative capabilities generate intuitive reports during attacks.
  • Cross platform
    Monitor and protect endpoints across multiple OS platforms (Windows, OS X, Android, Linux*, iOS*) from a single console. * Coming soon.

Read ESG Solution Showcase: SentinelOne Endpoint Protection

By JON OLTSIK, ESG – Senior Principal Analyst

In this report, ESG analysts Jon Oltsik and Doug Cahill provide a comprehensive analysis of SentinelOne EPP, the first next-generation, AV-TEST certified endpoint protection platform capable of replacing antivirus solutions and meeting regulatory compliance requirements. Bringing in data from their recent research, the analysts detail the changing endpoint security landscape, set forth endpoint security requirements, and explain how SentinelOne’s next-gen endpoint protection is a “one-stop shop” for these requirements.

Download full report

Protects

  • Windows and OS X desktops/servers
  • Mobile devices (Android and iOS)
  • Critical infrastructure (e.g., SCADA)
  • Embedded systems (e.g., point-of-sale)

System Requirements

Operating systems: Windows 7, 8, 8.1, Windows Server 2008 R2, 2012 R2, OS X 10.9.x or later

Virtual environments: vSphere, Microsoft Hyper-V, Citrix Xen Server, Xen Desktop, Xen App

Hardware: 1 GHz Dual-core CPU or better, 1 GB RAM or higher if required by OS (recommended 2 GB), 1 GB free disk space

Management Server: Available as Cloud or On-premise deployment.

Comparison of SentinelOne EDR and Others

Capability | SentinelOne EDR | Anti Exploit | Sandbox | AV | Firewall
Targeted Attacks | yes | no | no | no | no
Exploit | yes | yes | no | no | no
Drive by | yes | yes | no | no | no
Social | yes | no | no | no | no
Physical | yes | no | no | no | no
Zero Day | yes | yes | no | no | no
Phishing | yes | no | no | no | no
Predictive Execution Inspection | yes | no | no | no | no
Passive Scanning | yes | no | no | no | no
Real Time Mitigation | yes | no | no | no | no
Real Time Forensic | yes | no | no | no | no
Endpoint Remote Control | yes | no | no | yes | no
Lightweight | yes | no | no | no
Unlimited Throughput | yes | yes | no | yes | no
Off Network / Off-line | yes | yes | no | no | no
Win 32 | yes | yes | yes | yes | yes
Win 64 | yes | yes | yes | yes | yes
OS-X | yes | no | no | yes | yes
Android | yes | no | no | yes | yes

* Coming Soon

Full Cycle of Protection
From Detection to Prevention

With the addition of cloud intelligence and whitelisting capabilities, SentinelOne Endpoint Detection and Response (EDR) delivers a full cycle of protection against known and unknown threats, from detection to prevention. Cloud intelligence proactively blocks known threats, while unknown threats are detected based on their behavior and automatically mitigated.

  • Automated Defense Powered By Cloud Intelligence
    Our proactive defense system is fully automated and removes malware without delay. Since we leverage cloud intelligence to scan for threats, there is no update maintenance or performance impact. Lightweight, intuitive, and fast, SentinelOne EDR outmaneuvers even the most advanced threats.

  • Faster Detection, Dynamic Prediction
    SentinelOne EDR made a giant leap in security innovation with the ability to accurately predict an attack sequence. Our prediction engine focuses on threats and how they behave, allowing us to detect, predict, and block threats – instantly. It’s a full cycle of protection designed to keep your business safe.

  • Dynamic Prediction
    SentinelOne EDR is the first and only solution to predict the attack sequence—a giant leap in security innovation. The predictive execution inspection engine determines what the threat is likely to do next, based on attack patterns, malware techniques, and up-to-the-minute crowdsourced threat intelligence. With dynamic behavioral patterning, SentinelOne security is able to sort, optimize, and match the type of attack with superior accuracy.

  • Redefines AV Scanning
    SentinelOne EDR leverages the cloud intelligence and leading reputation services to detect and proactively block known threats. This unique passive scan feature provides wider protection coverage, and since the scanning occurs in the cloud, there is zero update maintenance, and no performance impact.

  • Full Remediation
    SentinelOne EDR goes the full distance, automating remediation and threat removal. By rapidly responding to active malware infections, it reduces dwell times and minimizes damage. Other EDR products will just alert you to a new attack and provide recommendations on how you might be able to block and remove the malware yourself. This will significantly add to your costs in terms of prolonged data theft and administrative overhead.

  • Hacker Proof
    SentinelOne EDR is immune to evasion techniques used to bypass network security because our core detection engine runs on the endpoint, the attacker’s target. It sees what is happening on your device and responds based on dynamic real-time data versus static signatures, IOCs, or whitelists. It doesn’t need prior knowledge of a specific binary to block an attack, making it the first true defense against one-of-a-kind advanced threats and targeted attacks.

  • No Delays
    A thin client runs on every endpoint without slowing performance. Unlike high-volume antivirus scans that interrupt system processes, our agent simply observes, trailing the processes, not delaying them. SentinelOne EDR is also fully distributed, since each endpoint is secured by its own client. This turns every endpoint into a detection sensor, improving protection and eliminating throughput issues, a common problem with network-based security.

  • Low Maintenance
    Every step is automated—to speed response times, minimize damage, and reduce administration. All infections are signed, pushed to your endpoints, and shared with the crowdsourced SentinelOne community. This intelligent, built-in response chain minimizes the time and cost to manage security across all endpoints, local and remote. A central management console and real-time reports give you full visibility and forensic tools, accessible from any device, anywhere.

  • Custom Fit
    SentinelOne EDR ensures universal protection across all endpoints on Windows, OS X, iOS, Android, and Linux. Our IT pros install and configure the agents for you so security is optimized for each IT environment. The management console gives comprehensive real-time visibility that’s accessible from any device, anywhere.


Endpoint Protection Platform


Elevate endpoint protection beyond just AV: next generation endpoint protection is here. Replace your AV with SentinelOne EPP, an innovative enterprise solution that delivers a complete suite of protection against targeted attacks, advanced threats, and zero-day attacks by tracking malicious behavior, in real time, across multiple endpoints. It’s a next generation defense in a new era of threats.



System Requirements

Operating systems: Windows 7, 8, 10, 8.1, Windows Server 2008 R2, 2012 R2, OS X 10.11.x or later

Virtual environments: vSphere, Microsoft Hyper-V, Citrix Xen Server, Xen Desktop, Xen App

Hardware: 1 GHz Dual-core CPU or better, 1 GB RAM or higher if required by OS (recommended 2 GB), 2 GB free disk space

Management Server: Available as Cloud or On-premise deployment.

SentinelOne EPP Prevention Features

Feature | EPP | EDR
Dynamic exploit detection – anti-exploit capabilities detect and prevent application and memory-based exploits based on the techniques themselves without relying on static measures. | yes | yes
Dynamic execution inspection – continuously monitors endpoints to detect unknown threats. | yes | yes
Real-time forensics – graphical reports deliver sandbox equivalent investigative capabilities generated during attacks. | yes | yes
Automated mitigation – fully automates remediation and threat removal. | yes | yes
Auto Immune – instantly shares new threat intelligence across endpoints to prevent reinfection. | yes | yes
Whitelisting – easily specify safe apps and instantly blacklist malicious ones. | yes | yes
Seamless integration – offload indicators using industry standard formats (CEF, STIX, OpenIOC) to seamlessly integrate with SIEMs, firewalls, and leading network security solutions. | yes | yes
Cross platform support (Windows, OS X, Android, Linux*, iOS*). | yes | yes
Works with existing corporate AV – rapidly deploy alongside leading corporate antivirus solutions. | yes | yes
Cloud intelligence – leverages up to the minute cloud intelligence and select reputation services to proactively block known threats. | yes | no
Remediation – restores endpoints to a trusted state, effectively reversing malware driven modifications. | yes | no
