OneCon Logo Don’t miss OneCon23! SentinelOne’s Customer Conference. Register Now
Don’t miss OneCon23! SentinelOne’s Customer Conference.
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
S1 Logo Color Light S1 Logo Color
Platform
  • Platform Overview
    • Singularity Platform Welcome to Integrated
      Enterprise Security
    • Singularity XDR Native & Open Protection,
      Detection, and Response
    • Singularity Data Lake AI-Powered,
      Unified Data Lake
    • How It Works The Singularity XDR Difference
    • Singularity Marketplace One-Click Integrations to Unlock the Power of XDR
  • Surfaces
    • Endpoint Autonomous Prevention, Detection, and Response
    • Cloud Autonomous Runtime Protection for Workloads
    • Identity Autonomous Identity & Credential Protection
  • Platform Packages
    • Singularity Complete The Standard for Enterprise Cybersecurity
    • Singularity Control Organization-Wide
      Protection and Control
    • Singularity Core Cloud-Native NGAV
    • Package Comparison Our Platform at a Glance
  • Platform Products
    • Singularity Cloud Container, VM, and Server Workload Security
    • Singularity Mobile Mobile Threat Defense
    • Singularity Cloud Data Security AI-Powered Threat Detection
    • Singularity RemoteOps Orchestrate Forensics at Scale
    • Singularity Identity Identity Threat Detection
      and Response
    • Singularity CloudFunnel Cloud-to-Cloud Telemetry Streaming
    • Singularity Ranger AD Active Directory Attack Surface Reduction
    • Singularity BinaryVault Automatic File Sample Collection
    • Singularity Ranger Rogue Asset Discovery
    • Singularity Hologram Deception Protection
Why SentinelOne?
  • Why SentinelOne?
    • Why SentinelOne? Cybersecurity Built
      for What’s Next
    • Our Customers Trusted by the World’s Leading Enterprises
    • Industry Recognition Tested and Proven
      by the Experts
    • About Us The Industry Leader in Autonomous Cybersecurity
  • Compare SentinelOne
    • CrowdStrike Cyber Dependent
      on a Crowd
    • McAfee Pale Performance,
      More Maintenance
    • Microsoft Platform Coverage
      That Compromises
    • Trend Micro The Risk of DevOps Disruption
    • Palo Alto Networks Hard to Deploy,
      Harder to Manage
    • Carbon Black Adapt Only as Quickly
      as Your Block Lists
    • Symantec Security Limited
      to Signatures
  • Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
Services
  • Threat Services
    • Vigilance Respond Pro
      MDR + DFIR
      24x7 MDR with Full-Scale Investigation & Response
    • WatchTower Pro
      Threat Hunting
      Dedicated Hunting & Compromise Assessment
    • Vigilance Respond
      MDR
      Dedicated SOC
      Expertise & Analysis
    • WatchTower
      Threat Hunting
      Hunting for Emerging Threat Campaigns
    Services Overview
  • Support, Deployment, & Health
    • Technical Account Management Customer Success with Personalized Service
    • SentinelOne GO Guided Onboarding & Deployment Advisory
    • SentinelOne University Live and On-Demand Training
    • Support Services Tiered Support Options for Every Organization
    • SentinelOne Community Community Login
Partners
  • Our Network
    • MSSP Partners Succeed Faster
      with SentinelOne
    • Singularity Marketplace Extend the Power
      of S1 Technology
    • Cyber Risk
      Partners
      Enlist Pro Response
      and Advisory Teams
    • Technology Alliances Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS Hosted in AWS Regions Around the World
    • Channel Partners Deliver the Right
      Solutions, Together
    Program Overview
Resources
  • Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • White Papers
    View All Resources
  • Blog
    • Cyber Response
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog
  • Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
About
  • About SentinelOne
    • About SentinelOne The Industry Leader in Cybersecurity
    • Investor Relations Financial Information & Events
    • SentinelLABS Threat Research for
      the Modern Threat Hunter
    • Careers The Latest Job Opportunities
    • Press & News Company Announcements
    • Cybersecurity Blog The Latest Cybersecurity Threats, News, & More
    • F1 Racing SentinelOne &
      Aston Martin F1 Team
    • FAQ Get Answers to Our Most Frequently Asked Questions
    • DataSet The Live Data Platform
    • S Foundation Securing a Safer Future for All
    • S Ventures Investing in the Next Generation
      of Security and Data
    • Brand SentinelOne Brand Guidelines
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
Get a Demo
S1 Logo Color Light S1 Logo Color
Navigation Arrow Left Back
Navigation Close
Platform
  • Platform Overview
    • Singularity Platform Welcome to Integrated
      Enterprise Security
    • Singularity XDR Native & Open Protection,
      Detection, and Response
    • Singularity Data Lake AI-Powered,
      Unified Data Lake
    • How It Works The Singularity XDR Difference
    • Singularity Marketplace One-Click Integrations to Unlock the Power of XDR
  • Surfaces
    • Endpoint Autonomous Prevention, Detection, and Response
    • Cloud Autonomous Runtime Protection for Workloads
    • Identity Autonomous Identity & Credential Protection
  • Platform Packages
    • Singularity Complete The Standard for Enterprise Cybersecurity
    • Singularity Control Organization-Wide
      Protection and Control
    • Singularity Core Cloud-Native NGAV
    • Package Comparison Our Platform at a Glance
  • Platform Products
    • Singularity Cloud Container, VM, and Server Workload Security
    • Singularity Mobile Mobile Threat Defense
    • Singularity Cloud Data Security AI-Powered Threat Detection
    • Singularity RemoteOps Orchestrate Forensics at Scale
    • Singularity Identity Identity Threat Detection
      and Response
    • Singularity CloudFunnel Cloud-to-Cloud Telemetry Streaming
    • Singularity Ranger AD Active Directory Attack Surface Reduction
    • Singularity BinaryVault Automatic File Sample Collection
    • Singularity Ranger Rogue Asset Discovery
    • Singularity Hologram Deception Protection
Why SentinelOne?
  • Why SentinelOne?
    • Why SentinelOne? Cybersecurity Built
      for What’s Next
    • Our Customers Trusted by the World’s Leading Enterprises
    • Industry Recognition Tested and Proven
      by the Experts
    • About Us The Industry Leader in Autonomous Cybersecurity
  • Compare SentinelOne
    • CrowdStrike Cyber Dependent
      on a Crowd
    • McAfee Pale Performance,
      More Maintenance
    • Microsoft Platform Coverage
      That Compromises
    • Trend Micro The Risk of DevOps Disruption
    • Palo Alto Networks Hard to Deploy,
      Harder to Manage
    • Carbon Black Adapt Only as Quickly
      as Your Block Lists
    • Symantec Security Limited
      to Signatures
  • Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
Services
  • Threat Services
    • Vigilance Respond Pro
      MDR + DFIR
      24x7 MDR with Full-Scale Investigation & Response
    • WatchTower Pro
      Threat Hunting
      Dedicated Hunting & Compromise Assessment
    • Vigilance Respond
      MDR
      Dedicated SOC
      Expertise & Analysis
    • WatchTower
      Threat Hunting
      Hunting for Emerging Threat Campaigns
    Services Overview
  • Support, Deployment, & Health
    • Technical Account Management Customer Success with Personalized Service
    • SentinelOne GO Guided Onboarding & Deployment Advisory
    • SentinelOne University Live and On-Demand Training
    • Support Services Tiered Support Options for Every Organization
    • SentinelOne Community Community Login
Partners
  • Our Network
    • MSSP Partners Succeed Faster
      with SentinelOne
    • Singularity Marketplace Extend the Power
      of S1 Technology
    • Cyber Risk
      Partners
      Enlist Pro Response
      and Advisory Teams
    • Technology Alliances Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS Hosted in AWS Regions Around the World
    • Channel Partners Deliver the Right
      Solutions, Together
    Program Overview
Resources
  • Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • White Papers
    View All Resources
  • Blog
    • Cyber Response
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog
  • Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
About
  • About SentinelOne
    • About SentinelOne The Industry Leader in Cybersecurity
    • Investor Relations Financial Information & Events
    • SentinelLABS Threat Research for
      the Modern Threat Hunter
    • Careers The Latest Job Opportunities
    • Press & News Company Announcements
    • Cybersecurity Blog The Latest Cybersecurity Threats, News, & More
    • F1 Racing SentinelOne &
      Aston Martin F1 Team
    • FAQ Get Answers to Our Most Frequently Asked Questions
    • DataSet The Live Data Platform
    • S Foundation Securing a Safer Future for All
    • S Ventures Investing in the Next Generation
      of Security and Data
    • Brand SentinelOne Brand Guidelines
Get a Demo
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog

Singularity Platform

Packages

Featured Products

Packages Singularity Cloud STACK RGB BLK PURP

Runtime Cloud Workload Security. Supports public cloud services and private data centers.

Priced per VM or Kubernetes worker node per month. Get in touch for details.

Packages Singularity Platform STACK RGB BLK PURP

Any data, any source, one data lake. Includes 10GB/day data ingestion from any external source at no additional cost.

Upgradable to any volume. SentinelOne native data included free of charge.

Packages Singularity Identity STACK RGB BLK PURP

Cloud-based, real-time Active Directory and Azure AD attack surface monitoring and reduction.

Priced per user. Get in touch for details.

All pricing in USD. Includes bundled features at minimum quantity 100-500 for commercial accounts. Billed Annually.
Contact SentinelOne for Enterprise, Government, and Sector pricing. Specific product features and description shown are subject to the release notes and meeting the system requirements in the product documentation

Platform
Packages

Comparing Our Most
Feature-Rich Packages

Singularity™ Platform Common Features

Cloud-first multi-tenant SaaS
Fully customizable management experience via multi-site, multi-group architecture
Fully customizable role-based access control and MFA integration
Patented Storyline™ correlation & context
Skylight platform data analytics interface
MITRE ATT&CK® Integration
Data localization

Singularity XDR

Native data ingestion from SentinelOne surface agents (endpoint, cloud, identity, mobile, etc.) - Unmetered and does not decrement the Open XDR ingest quota.
Open XDR data ingestion of 10 GB/day from any external, non-native, non-SentinelOne source. Upgradable to multi-terabyte/day.
Ingested data retention includes both Open XDR & Native data. 14 days default. Upgradable to 3 years.
Singularity XDR Marketplace Apps
Storyline Active Response™ (STAR) Custom Detection Rules. 100 default. Upgradable.

ENDPOINT SURFACES

Endpoint security for Windows Workstation, macOS, and legacy Windows (XP, 7, 2003SP2+, 2008)
Modern endpoint protection & NGAV utilizing static AI & behavioral AI
Automated or one-click remediation & rollback
Threat triage & investigation: 1 year lookback
Mobile endpoint support: iOS, Android, Chrome OS
EPP Suite Control Features: Device Control, Firewall Control, Remote Shell
Rogue & unsecured device discovery. Requires Ranger Module for remote installation and other network functions.
Application inventory and application CVEs
Built-in data collection scripts
Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK(R) Mapping
Native EDR threat hunting via Skylight
Native EDR analytics

CLOUD SURFACES

Realtime Cloud Workload Security for Linux VMs, Kubernetes clusters and Windows servers & VMs
Automated or one-click remediation & rollback. Remote shell.
Threat triage & investigation: 1 year lookback
Cloud service provider workload metadata sync
Automated App Control for Kubernetes and Linux VMs
Built-in data collection scripts
Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK(R) Mapping
Native EDR threat hunting via Skylight
Native EDR analytics

IDENTITY SURFACE

Singularity Ranger AD Module: Real-time Active Directory and Azure AD attack surface monitoring and reduction.
Singularity Ranger AD Protect Module: Real-time Active Directory and Azure AD attack surface monitoring and reduction further supplemented with AD domain controller-based Identity Threat Detection and Response.
Singularity Identity Module: Identity Threat Detection & Response for Active Directory and Azure AD and AD domain-joined endpoints.
Singularity Hologram Module: Network-based threat deception that lures in-network and insider threat actors into engaging and revealing themselves.

PLATFORM MODULE OPTIONS

Singularity Ranger® Attack Surface Management Module: Asset discovery, fingerprinting, and inventory. Automated agent deployment. Suspicious device isolation. Pivot to Skylight threat hunting
RemoteOps Module: Orchestrated forensics, remote investigation, and rapid response at scale.
Cloud Funnel Data Lake Streaming Module: Replicate telemetry to any cloud for any purpose.
Binary Vault Module: Automated malicious and benign file upload for additional forensic analysis.

SERVICES & SUPPORT

Standard Support 5/9
Enterprise Support 24/7/365
Enterprise Support + Technical Account Manager
SentinelOne Guided Onboarding (“GO”) deployment service
Vigilance Respond Managed Detection & Response (MDR) subscription
Vigilance Respond Pro MDR + Digital Forensics & Incident Response (DFIR) subscription
WatchTower Active campaign threat hunting & intelligence reporting
WatchTower Pro Bespoke threat hunting & compromise assessment
Vigilance IR Retainer
S1 Singularity Core STACK RGB WHT 2

Cloud-Native NGAV

S1 Singularity Control STACK RGB WHT 2

Security + Suite Features

S1 Singularity Complete STACK RGB WHT 2

The Future’s Enterprise
Security Platform


Available
Available
Available


Open XDR data only






Limited
Limited
Limited
Limited

Built to Scale

A Flexible Management Platform for SOC and IT Operations of All Sizes Designed to Be Effective at Enterprise Scale

Scale 250x82 PURP

Extreme Scalability

The Singularity Platform is built with elastic cloud compute components designed to dynamically and massively scale to 500,000+ agents per cluster.

Hosting 250x82 PURP

Hosting Flexibility

Pick the hosting theatre of your choice to meet compliance and data storage requirements. SentinelOne supports hosting in North America, Europe, and Asia as well as on-premises.

Management 250x82 PURP

Management Ease

Your organization is uniquely structured. SentinelOne’s unparalleled multi-tenant / multi-site / multi-group customization gives you the tools to craft a customized and flexible management hierarchy.

Built for Control

Flexible 250x82 PURP

Flexible
Administration

Singularity’s SOC2, Type 2 certified platform offers multiple authentication mechanisms including SSO and MFA as well as role-based access control for proper authorization depending on the user’s role.

Policy 250x82 PURP

Policy
Granularity

Centralized policy administration is as simple or specific as needed to reflect environment requirements. Policy inheritance, exclusion catalog, and centralized JSON agent controls are just a few of the tools at your disposal.

Management 250x82 PURP

Controlled
Updates

Stay in complete control. Unlike other security vendors, SentinelOne doesn’t push agent updates without your knowledge. Instead we offer controlled agent upgrade tools and maintenance window support.

Built for You

Data Driven 250x82 PURP

Open XDR Data Ingestion

Singularity XDR lets you augment our native endpoint, cloud, and identity telemetry with security & IT data from any outside source. This coalesced data enables deeper visibility, investigation, and threat mitigation capabilities.

App Store 250x82 PURP

Singularity Marketplace

Singularity Marketplace is an ecosystem of one-click applications for intelligence, automation, and data integrations extending SentinelOne across the security and IT stack. No massive time investment, custom business logic, code, or complex configuration necessary.

OS Support 250x82 PURP

Broad OS Support

SentinelOne offers support for nearly 20 years of Windows releases from everything modern back through to legacy EOL versions, macOS including the new Apple kextless OS security model, and 13 distributions of Linux. Cloud-native containerized workloads are also supported.

FAQ

What solutions does the Singularity XDR Platform offer? Navigation Arrow Down Light

The SentinelOne Singularity Platform empowers SOC & IT Operations teams with a more efficient way to protect information assets against today’s sophisticated threats. Visit this page for more information.

What platforms and OSes does Singularity support? Navigation Arrow Down Light

SentinelOne offers support for 17 years of Windows releases from everything modern back through to legacy EOL versions, macOS including the new Apple kextless OS security model, and 13 distributions of Linux. Cloud-native containerized workloads are also supported.

What is Singularity Cloud and how does it differ from endpoint? Navigation Arrow Down Light

Singularity Cloud Workload Security delivers visibility and runtime security for apps running on servers, VMs, or containers, no matter their location. Visit this page for more information.

What is Singularity Ranger? Navigation Arrow Down Light

Ranger controls the network attack surface by extending the Sentinel agent function. Ranger reports what it sees on networks and enables blocking of unauthorized devices. Ranger fulfills asset inventory requirements. Visit this page for more information.

What protection capabilities does the Singularity Platform have? Does it protect against threats like ransomware and fileless attacks? Navigation Arrow Down Light

Yes, the Singularity Platform protects against ransomware, fileless threats, “Living off the Land” (aka LOLbin) attacks… just to name a few. Our tech uses on-agent static AI to prevent, block, and quarantine malware in real-time. Similarly, on-agent behavioral AI engines detect malicious behavior by tracking and contextualizing everything on a device. Malicious acts are identified and halted in real-time. All unauthorized changes are remediated with a single click. All critical data is contextualized and available within the EDR platform for digital forensics, incident response, and threat hunting activities.

What ROI can I reasonably expect from my investment in SentinelOne solutions? Navigation Arrow Down Light

SentinelOne commissioned Forrester Research to independently assess the ROI that a prototypical customer, built upon real customer interviews, might reasonably expect to achieve. The 2020 Forrester Total Economic Impact reports 353% ROI. More information is available here.

Does the Sentinel agent require a cloud connection to provide protection and remediation? Navigation Arrow Down Light

Sentinel agents are designed to do much more locally than competing solutions, resulting in far faster protective responses since they don’t rely on the cloud or humans to do everything. However, these agents are deeply integrated to the overall SaaS solution to work in tandem with intelligent cloud-delivered components like Deep Visibility ActiveEDR®, Storyline Active Response–STAR™, and Ranger for a well-rounded stable of features enabling effective security consolidation and the elimination of legacy agents.

How does Storyline help me accelerate triage and incident response? Navigation Arrow Down Light

Storyline constantly monitors all OS processes, malicious and benign, and automatically builds a process tree and maps events to MITRE ATT&CK® TTPs. In Protect Mode, ActiveEDR will automatically thwart the attack at machine speed. Never build another process tree. We do it for you.

Where is my data hosted, and does SentinelOne store personal information? Navigation Arrow Down Light

We offer several international options for cloud hosting location to meet data localization requirements. Most of the information that SentinelOne collects through the Solutions is not Personal Information and relates to the computing processes of devices protected against malware infection by the SentinelOne Services, or device standard identifiers. More information is available here.

What are the compliance and certification standards that the Singularity Platform meets? How does your solution help customers meet and maintain their own regulatory compliance requirements? For example: ISO/IEC 27001:2013, FedRAMP, GDPR, CCPA, PCI-DSS, HIPAA, and others. Navigation Arrow Down Light

SentinelOne invests significant effort into securing its platform to multiple standards that in turn help customers secure their own. Visit this page for links to relevant information.

How long does SentinelOne retain my data? Navigation Arrow Down Light

Benign data artifacts used for threat hunting purposes are retained for 14 days by default. Customers may opt for longer retention periods. For example: 30, 60, 90 days and up to one year. Data that contains indicators of malicious content is retained for 365 days. Data regarding configuration and audit logs are kept for traceability and audit purposes and retained through the lifetime of your subscription.

Can I stream EDR data to other places? Navigation Arrow Down Light

Yes, with our Cloud Funnel add-on, you can securely stream your EDR and XDR telemetry from SentinelOne to Amazon S3 and Google Cloud Storage for use in SIEM and SOAR platforms, alternative data lakes, and other workflows.

Backed by the Industry

Tried and Trusted by the Industry’s Leading Authorities, Analysts, and Associations.

Gartner Primary Logo WHT 1

Endpoint Protection Platforms

  •  A Leader in the 2022 Magic Quadrant for Endpoint Protection Platforms
Learn More Cta Left Left White
MITRE Engenuity Logo WHT 1

Record Breaking ATT&CK Evaluation

  • 100% Protection. 100% Detection.
  • Top Analytic Coverage 3 Years in a Row
  • 100% Real-time with Zero Delays
Learn More Cta Left Left White
Gartner Peer Insights 2023 Hp

96% WOULD RECOMMEND FOR EDR AND EPP

  • 4.8/5 Rating for Endpoint Protection Platforms and Endpoint Detection & Response Platforms
Learn More Cta Left Left White

Purpose Built to Prevent Tomorrow’s Threats. Today.

Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify the edges of your network with realtime autonomous protection.
Get a Demo
Company
  • Our Customers
  • Why SentinelOne
  • Platform
  • About
  • Partners
  • Support
  • Careers
  • Legal & Compliance
  • Security & Compliance
  • Contact Us
  • Investor Relations
Resources
  • Blog
  • Labs
  • Hack Chat
  • Press
  • News
  • FAQ
  • Resources
  • Ransomware Anthology
Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

[email protected]

Sign Up For Our Newsletter
Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!
English
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
©2023 SentinelOne, All Rights Reserved.
Privacy Policy Master Subscription Agreement
Footer Logo
Social Twitter White Social Facebook White Social Linkedin White Social Youtube White