Announcing Central Park and 2.6 Release
We are thrilled to announce the General Availability of our 2.6 Agents and Central Park Management Console.
Central Park brings SentinelOne’s unmatched detection capabilities into the multi-tenancy world. With this release, large enterprises with sites around the globe can manage their security with ease. It’s also great news for MSPs and MSSPs, who can now build their business on top of the SentinelOne offering and provide more value to their customers. Central Park includes a complete rewrite of our Management Console, built with the newest and most secure technologies available.
In this post, I will review the most significant changes in the release.
Starting with this Central Park release, security managers can view assets in a global view and in a site view, depending on the permissions associated with each administrator. This allows for both the autonomy and the control needed by the enterprise.
Site and License Management
Global admins have better control over licensing consumption and visibility, directly from the SentinelOne console.
Improved Analyze View
The Analyze view redesign makes it easier to grasp the overall security status at a glance. We have added a wide range of filters to search for many different attributes of a threat. Free text search in combination with the filters is now supported.
Classification makes it simpler to prioritize security incidents and resolve them faster. Examples of classifications are Exploit, Ransomware, Trojan, Backdoor, Keylogger, and many others.
Improved Reports View
Seamless Active Directory Support
We have removed the need to connect the SentinelOne console to your AD domain controller or to configure anything. Starting with 2.6, the SentinelOne agent queries the endpoint for its AD membership and sends that data to management.
Deep Visibility Enhancements
Deep Visibility allows the IR team and administrators to look into every activity on their endpoints, regardless of whether it is on Windows, macOS, or Linux. Beyond UX and UI improvements, we have added the ability to create a watchlist. Just create your query, save it as a watchlist, select who needs to be notified, and you are done.
We take pride in the simplicity of the policy options in SentinelOne. In fact, since our last significant change in policy (2.0 release) we found that most of our customers adapt quickly, without any need for a walkthrough. That said, the underlying configuration allows you much greater flexibility, including the ability to change even a single parameter on a single device. This may be needed for a particular user or group within your environment. To make these scenarios easy, we expanded our configuration, and we now allow you to change anything you might need, directly from the Console itself, saving you time and IT overhead.
Until 2.6, we sent each Console a dedicated Agent, embedded with the right URL and configuration. We found this to be the most secure and straightforward way to deploy our technology. As we experience significant growth in the number and size of our customers, we’ve taken another step to give IT professionals more control in the deployment process by using token-based deployment. With tokens, you do not need SentinelOne support at any stage of your initial deployment, and you are entirely in control.
WSL (Windows Subsystem for Linux) provides a Linux-compatible kernel interface developed by Microsoft (containing no Linux kernel code), on top of which a GNU userland can run. This userland can contain a Bash shell and command language, with native Linux command-line tools (sed, awk) and programming language interpreters (Ruby, Python, etc.). WSL is excellent news for sysadmins and IT professionals, but it also provides a bypass to traditional defenses. As such, we developed a way to inspect WSL and to distinguish benign uses from malicious ones.
DFI (Static AI)
We are releasing a new version of DFI, the SentinelOne static AI module, which is capable of preventing the execution of malicious files. We have also improved the correlation between our engines to ensure mitigation of the entire malicious chain, which also enriches the behavioral AI.
New Logo, New Branding
We felt the time was right to introduce a new logo and brand message to convey who we are and the value we deliver to our customers. A message about time: “it’s about time.” It’s about time because we save our customers’ valuable time by preventing and catching threats at machine speed, and it’s about time that the market demanded a solution that converges EPP & EDR into ONE purpose-built agent.
Enhanced Agent Performance
Optimization of Agent-Management protocol – for lower bandwidth consumption and reduced bit-rate peaks.
The unspoken risks of security today include complexity and management overhead. To keep your assets secure, you need prevention, detection, and response at scale, but you also need a solution that is easy to manage. At SentinelOne, we solve this problem by making our technology accessible and making AI and automation work in your favor.
Central Park is already in use for new deployments, including managed services, at scale.
Existing customers will be upgraded to this codebase as part of the Denali release in August 2018.
We continue to improve all aspects of the product: simplifying both the user and management experience, adding greater prevention and detection capabilities, and improving performance.
From SentinelOne’s perspective, this marks a new benchmark for enterprise readiness and supports the growth that SentinelOne expects in 2018.