Blog

SentinelOne Releases Open Source Tool to Help Enterprises Protect from the Latest macOS Code-Signing Vulnerability

What Happened? It was published on June 12th that security firm Okta unveiled a code signing vulnerability in macOS that revolves around validation of universal/FAT binaries. An attack exploiting this vulnerability may give an attacker the ability to make an improperly or weakly signed binary look like a signed binary with a valid certificate chain whose root […]

SentinelOne Detects New Malicious PDF File

Documents have always been a popular attack vector. Documents, unlike executables, have been traditionally considered less suspicious and harmful. This concept made it easier for attackers using them to circumvent traditional security solutions. But, over time and with the growing scripting and macro capabilities, documents became much more similar to executables, in a sense that […]

Reflection on Gartner Information Security & Risk Management Conference 2018

The 2018 Gartner Information Security & Risk Management Summit covers cybersecurity, risk management, information security, cloud technology, and more. At the summit this year, Gartner focused on the changes and challenges facing modern IT and infrastructure – and there are many. One theme that permeated several keynotes was that 40%+ of US businesses were compromised […]

Central Park Feature Glance – Enhanced Reporting

In my experience in working across many different security vendor products, reporting always seems to be an after thought. This has always puzzled me as the question I would think that should always be asked is “what value is this product adding to my environment?” Sometimes this is easy to explain among security professionals, […]

SentinelOne Detects and Blocks New Variant of Powershell CryptoWorm

Introduction Late last year, Marco Ramilli posted an article on in-memory Powershell-WMI CryptoWorm. Here at SentinelOne, we found a new active variant of this spreading CryptoWorm. In this post we will review what’s new in this variant and suggest how to remove it from an infected network. What’s new in this version? Communication This CryptoWorm […]

Central Park Feature Glance – Analyze View Improvements

In this Central Park blog post we will focus on the enhancements made to the Analyze View within the SentinelOne console. First, please let me provide a bit of background. If you are unfamiliar with the Analyze View in previous versions before Central Park, it was a tab within the Sentinelone console that provided the […]

Central Park Feature Glance – Deep Visibility Watchlists

Today’s blog post will focus on a new enhancement to our Deep Visibility solution. With our Central Park release, we have introduced the concept of Watchlists. This module allows the SentinelOne administrator to create alerts based off Deep Visibility data, which could be anything from modifications to critical files, web requests to a given […]

GDPR is Coming – SentinelOne Can Help

Starting on May 25, 2018, GDPR sets strict new requirements for the protection of personal data for EU residents, requiring all organizations that control and process PII to implement best in class technical measures to secure and prevent data breaches. With SentinelOne’s market-leading suite of solutions and services, organizations can ensure compliance with the regulation’s requirements […]

Central Park Feature Glance – Active Directory Integration Demonstration

In yesterday’s blog post we detailed what options are available for AD Integration and why I feel that SentinelOne has the best approach to this integration. The purpose of today’s blog will be to detail how our customers can leverage and configure this feature. More in particular, how to create a SentinelOne group based off […]