The Mandate: Preserve Student Data and Learning
Across Pennsylvania, the mission for school technology teams is clear — protect sensitive data and keep student learning on track.
“Every single kid matters,” stressed David Martin, CIO at Capital Area Intermediate Unit (CAIU), a regional educational agency serving four Pennsylvania counties and 85,000 students. “If you lose instructional time, that’s hard to get back.” When cyberattacks increased across the state, Martin set out to change that, first at his agency and then statewide.
Endpoint Protection and AI Automation
Across the state, 29 Intermediate Units (IUs) act as a layer between the Pennsylvania Department of Education and the local school districts, providing a range of services. When breaches to school districts started showing up weekly around the state, CAIU began the search for a replacement to their legacy anti-virus solutions. Over six months, the team evaluated leading platforms against MITRE results and Gartner ratings, completing evaluations and proofs of concept. SentinelOne quickly rose to the top for endpoint protection, ease of use, and AI-powered automation.
“We chose SentinelOne because it was not only the most effective within MITRE, but the most effective and intuitive for us,” Martin said. “It was the only tier-one solution with individuals who spent the time to understand our pain and earn my trust.”
A 24×7 SOC with Wayfinder MDR
An around-the-clock security operations center (SOC) was critical for CAIU and other districts, but the cost previously put that out of reach. Wayfinder MDR offered an affordable route to 24×7 SOC coverage and alert management.
Wayfinder MDR assesses the validity of threats and remediates them in real time, often by the time agency staff log in.
Meanwhile, Singularity Endpoint provides AI-based threat prevention, automated response, full visibility into incidents, and device rollback to the original state.
And so they leave no device behind, Network Discovery identifies all connected devices — agented or not — and spots rogue or vulnerable assets.
Simplified, Centralized AI SIEM
For Pennsylvania public school tech teams, security information and event management (SIEM) offerings were typically cost-prohibitive, too cumbersome, or lacked automation. SentinelOne AI SIEM brought affordable centralized logging, correlation, detection, and autonomous response for not just endpoint, but for firewalls, MFA, Office 365, email security, Secure Access Service Edge, Google, and beyond.
“SentinelOne’s AI SIEM was easier for us and our schools to operationalize with its ease of deployment and built-in detection, response, and automation across our entire stack,” Martin said.
Further reducing the burden on the team, Purple AI brings natural language investigations, proactive checks, and faster responses.
“Purple AI gives us AI-generated reports and alerts that are so much easier to understand and query in a normal speaking language,” Martin said.
Rollback in Minutes
At CAIU, the move to SentinelOne reduced incidents and expedited response times. Uniquely, Singularity Endpoint automatically removes files or rolls back changes made by malicious software — getting devices and users back online in mere minutes instead of hours or days.
They can see threats with unprecedented visibility and trust that alerts are true. SentinelOne even saved the day for a school not yet migrated to the platform. When a cyber incident hit, a response team employed SentinelOne solutions to find and resolve the threat rapidly.
Saving Millions Statewide
After SentinelOne served as a proof of concept at CAIU, Martin quickly helped start and grow an initiative to bring SentinelOne to IUs statewide.
“By implementing SentinelOne’s three core components in the statewide solution — Endpoint, Network Discovery, and Wayfinder — districts gained most of the cyber protection they need and replaced other products they were using,” Stumpf said.
Standardizing with a statewide EDR and MDR solution accelerated access to industry-leading, affordable coverage. Hundreds of districts have now replaced legacy anti-virus with SentinelOne, reducing point tools and boosting cyber resilience.
“We’ve implemented SentinelOne in half the school districts in Pennsylvania in just two years — saving approximately $5.2 million in taxpayers’ money,” Martin said. “In 18 years in my role, I’ve had a lot of partnerships, but not one that has developed to the trust that we have with SentinelOne. I sleep better knowing I have a trusted partner I can reach out to.”
