SentinelOne

University

Enhance your cybersecurity and endpoint protection skills with the SentinelOne University program.

Education Designed for

Professionals in all Industries

Cyber criminals use sophisticated techniques to breach corporate networks, in contrast cybersecurity specialists must learn how to prevent, detect, respond, and hunt for security breaches. SentinelOne University training courses are designed to educate professionals in the latest SentinelOne EPP & EDR technology and prepare them with the skills and workflows necessary to improve and strengthen the security of their corporate network.

The SentinelOne University program provides flexible training options, from live in-person, live on-line, on-demand technology training, and custom private on-site training events.

SentinelOne University

Courses

Courses:

Sentinelone Administrator course
1 day course -- 2 credits per seat

SentinelOne Investigator Course
2 day course -- 4 credits per seat

SentinelOne IR Threat Hunting
1 Day course -- 2 credits per seat

SentinelOne Custom Training Courses
2 credits per day per seat

This course catalog is your guide to all the SentinelOne University training courses including course information and syllabus.

Current Class Schedule

On-Demand Technology Training

SentinelOne University offers on-demand training allowing participants to learn anytime and anywhere on any device, at their own pace. Participants will have access to in-depth video lectures taught by SentinelOne University certified instructors and course materials.

How to register for SentinelOne University On-Demand is as easy as 1, 2, 3:

• Step 1: Purchase Training Credits. You can contact your Sales Representative to pruchase credits

• Step 2: Contact SentinelOne at training@sentinelone.com and request access to the On-Demand Learning Environment.

• Step 3: Choose the courses you want to take! You will get access to course manuals and the videos that you can watch at your pace with the ability to pause, rewind, move forward or watch again.


Additional Details:
• The course is valid for a period of 120 days.

• Once you have completed each section, you will be offered a review exam to reinforce the learning objectives.

• After you complete all of the sections, you will be offered a comprehensive exam. Successful completion of the exam will grant you a Certificate of Completion to the course. The passing score is 80% and you receive two attempts to pass.


SentinelOne University courses available On-Demand

· S1-200 SentinelOne Core Workshop (1 Training Credit)

Continue to check for new courses as they are added.

Training Credits

Training Credits Overview

  • Training Credits are designed for individuals and companies that want to purchase training for multiple employees and need the flexibility to decide who attends the training and when.
  • Training Credits can be used to purchase online and on-site training courses as well as pay for SentinelOne Certification exams.
  • Ideal for volume license agreements, large projects, and end-of-year budget purchases.
  • Training credits cannot be used for T&E or other course-related expenses.
  • Clients will be responsible for the actual T&E after the training event is complete.

Training Credits Guidelines

  • There are no minimum purchase requirements or Training Credits.
  • Training Credits must be redeemed within one year from the date of purchase.
  • Training Credits due to expire can be extended one more year with the purchase of additional training credits.
  • Unused Training Credits at the end of one year are non-refundable.

Training Credit Details

Training Credits can be used for:

  • SentinelOne Training Courses (Public Online or Private On-Site)
  • SentinelOne Certification exam fees
  • When applied to training, Training Credits must be used for training that begins before the expiration date.
  • The customer must designate a primary point of contact who will be authorized to schedule training for their employees.
  • If a class attendee needs to reschedule a course, they must do so before the class starts in order to receive a credit refund.
  • Any class attendees who fail to attend a course and do not notify training prior to the class starting will forfeit the Training Credits for that course.
  • Enrollment in any class or exam can be completed by emailing training@sentinelone.com.

Training Credit Details

Sentinelone Administrator course
1 day course -- 2 credits per seat

SentinelOne Investigator Course
2 day course -- 4 credits per seat

SentinelOne IR Threat Hunting
1 Day course -- 2 credits per seat

SentinelOne Custom Training Courses
2 credits per day per seat


Contact SentinelOne Sales for more information and pricing: - sales@sentinelone.com

Certifications

SentinelOne Certified Administrator (SCA)

The SCA certification recognizes administrators who meet the knowledge and skills of administering the SentinelOne platform.  Prerequisites for this certification are the SentinelOne Administrator course (S1-201) and the SentinelOne Ranger Workshop (S1-204).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Policy settings
  •         SentinelOne EDR platform configuration
  •         Site and Group creations
  •         User management
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Integrations and Notifications
  •         Application Risk Management
  •         Running reports
  •         Review the Activity page
  •         Ranger configuration
  •         Ranger Inventory review

SentinelOne Certified Investigator (SCI)

The SCIR certification recognizes Incident Investigators and Analysts who meet the knowledge and skills of identifying and responding to threats on the SentinelOne platform.  The prerequisite for this certification is the SentinelOne Investigator course (S1-202) or the SentinelOne Fundamentals course (S1-203).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Identifying alerts
  •         Analyzing alerts
  •         Different detection engines
  •         Reviewing Forensic details

o   Classification

o   Status

o   Risk levels

o   Detection type

o   Indicators

o   Network Connections

o   Attack Overview

o   Attack Story Line

o   Raw Data Report

  •         Taking actions on Suspicious and Threat notifications
  •         Using Blacklists and Exclusions
  •         Using Firewall and Device Controls
  •         Reviewing Application Risk Management
  •         Reviewing the Activity page
  •         Regular Expressions
  •         Deep Visibility

SentinelOne Certified Incident Responder (SCIR)

The SCIR certification recognizes individuals who meet the basic knowledge and skills of administering the SentinelOne console, identifying and responding to threats on the SentinelOne platform and Threat Hunting.  The prerequisites for this certification are the SentinelOne Core Workshop (S1-200) and the SentinelOne Threat Hunting Workshop (S1-205).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Basic SentinelOne platform configuration and settings
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Application Risk Management
  •         Running reports
  •         Identifying and responding to alerts
  •         Regular Expressions
  •         Deep Visibility Threat Hunting

SentinelOne Certified Advanced Incident Responder (SCAIR)

The SCAIR certification recognizes individuals who meet the knowledge and skills of administering the SentinelOne console, identifying and responding to threats on the SentinelOne platform.  The prerequisites for this certification are the SentinelOne Administrator course (S1-201), the SentinelOne Investigator course (S1-202) and the SentinelOne Threat Hunting Workshop (S1-205) or the SentinelOne Fundamentals course (S1-203) and the SentinelOne Threat Hunting Workshop (S1-205).  The open book examination contains 90 questions and applicants are allowed 120 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Policy settings
  •         SentinelOne EDR platform configuration
  •         Site and Group creations
  •         User management
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Integrations and Notifications
  •         Application Risk Management
  •         Running reports
  •         Ranger configuration
  •         Ranger Inventory review
  •         Identifying alerts
  •         Analyzing alerts
  •         Different detection engines
  •         Reviewing Forensic details

o   Classification

o   Status

o   Risk levels

o   Detection type

o   Indicators

o   Network Connections

o   Attack Overview

o   Attack Story Line

o   Raw Data Report

  •         Responding to Suspicious and Threat notifications
  •         Reviewing the Activity page
  •         Regular Expressions
  •         Deep Visibility Threat Hunting

Contact Training


To contact training for more information at training@sentinelone.com

Purpose Built to Prevent Tomorrow’s Threats.

Today.

Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify every edge of the network with realtime autonomous protection.