SentinelOne for macOS High-Sierra

We have been getting numerous inquiries about our macOS High-Sierra (10.13) support, so this post is to reassure customers that we supported High-Sierra with our 2.0 build from day 1.

Our RnD team has been working with multiple beta builds of High-Sierra over the last few months.  In fact, High-Sierra had the maximum number of beta builds before it was made generally available.  And, High-sierra introduced a lot of changes, including the way drivers are being authorized and loaded.

In our 2.0 agent, we now support dyld3-loaded binaries for collecting the information that is used for detecting threats.  The agent has some of the best anti-exploit technology built in, including detection of ROP and Stack pivot attacks.  We have also made significant performance enhancements by selectively monitoring and injecting into high-risk processes.  To use the 2.0 agent, you must upgrade to the 2.0 management console.  All settings are backward compatible, so you will be able to run older agents against the 2.0 console.

In our next release, we will be adding the deep visibility functionality to the mainstream agent.  This functionality is now available in Beta and gives you unprecedented info about all process, file, dns and network activity on the system.  This will ship as version 2.5 before Christmas.