PlatformPackages
Comparing Our Most Feature-Rich Packages
Singularity™ XDR Platform Common Features
Cloud-first multi-tenant SaaS
Fully customizable management experience via multi-site, multi-group architecture
Fully customizable role-based access control and MFA integration
Patented Storyline™ correlation & context
Skylight platform data analytics interface
MITRE ATT&CK® Integration
Data localization
On-premises management
Singularity XDR-Specific Platform Features
Native data ingestion from SentinelOne surface agents (endpoint, cloud, identity, mobile, etc.) - Unmetered and does not decrement the Open XDR ingest quota.
Open XDR data ingestion of 10 GB/day from any external, non-native, non-SentinelOne source. Upgradable to multi-terabyte/day.
Ingested data retention includes both Open XDR & Native data. 14 days default. Upgradable to 3 years.
Singularity XDR Marketplace Apps
Storyline Active Response™ (STAR) Custom Detection Rules. 100 default. Upgradable.
Endpoint security for Windows Workstation, macOS, and legacy Windows (XP, 7, 2003SP2+, 2008)
Modern endpoint protection & NGAV utilizing static AI & behavioral AI
Automated or one-click remediation & rollback
Threat triage & investigation: 1 year lookback
Mobile endpoint support: iOS, Android, Chrome OS
EPP Suite Control Features: Device Control, Firewall Control, Remote Shell
Rogue & unsecured device discovery. Requires Ranger Module for remote installation and other network functions.
Application inventory and application CVEs
Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK(R) Mapping
Native EDR threat hunting via Skylight
Native EDR analytics
Realtime Cloud Workload Security for Linux VMs, Kubernetes clusters and Windows servers & VMs
Automated or one-click remediation & rollback. Remote shell.
Threat triage & investigation: 1 year lookback
Cloud service provider workload metadata sync
Automated App Control for Kubernetes and Linux VMs
Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK(R) Mapping
Native EDR threat hunting via Skylight
Native EDR analytics
Singularity Ranger AD Module: Real-time Active Directory and Azure AD attack surface monitoring and reduction.
Singularity Ranger AD Protect Module: Real-time Active Directory and Azure AD attack surface monitoring and reduction further supplemented with AD domain controller-based Identity Threat Detection and Response.
Singularity Identity Module: Identity Threat Detection & Response for Active Directory and Azure AD and AD domain-joined endpoints.
Singularity Hologram Module: Network-based threat deception that lures in-network and insider threat actors into engaging and revealing themselves.
Singularity Ranger® Attack Surface Management Module: Asset discovery, fingerprinting, and inventory. Automated agent deployment. Suspicious device isolation. Pivot to Skylight threat hunting
RemoteOps Module: Orchestrated forensics, remote investigation, and rapid response at scale.
Cloud Funnel Data Lake Streaming Module: Replicate telemetry to any cloud for any purpose.
Binary Vault Module: Automated malicious and benign file upload for additional forensic analysis.
Standard Support 5/9
Enterprise Support 24/7/365
Enterprise Support + Technical Account Manager
SentinelOne Guided Onboarding (“GO”) deployment service
Vigilance Respond Managed Detection & Response (MDR) subscription
Vigilance Respond Pro MDR + Digital Forensics & Incident Response (DFIR) subscription
WatchTower Active campaign threat hunting & intelligence reporting
WatchTower Pro Bespoke threat hunting & compromise assessment
Vigilance IR Retainer