SentinelOne to Provide Mac and Linux Platform Coverage for Windows Defender Advanced Threat Protection (ATP)

Mountain View, Calif. – Feb. 12, 2017SentinelOne, the autonomous endpoint protection company, today announced it will integrate its SentinelOne Endpoint Protection Platform (EPP) with Windows Defender Advanced Threat Protection (ATP) service to cover Mac and Linux device platforms. SentinelOne will seamlessly feed all threats and detections from Mac and Linux endpoints into the Windows Defender ATP console, enabling security teams to see and remediate threats across Windows, Mac, and Linux platforms. To sign up for beta access, please visit

Organizations are not homogeneous in their devices, often using computers, operating systems and servers from a variety of vendors. As a result, unified cross-platform protection and visibility into threats across all platforms and devices is more important than ever before. With SentinelOne’s integration with Windows Defender ATP, security teams can now detect, prevent and respond to attacks on MacOS and Linux OS devices natively from the Windows Defender ATP console.

“SentinelOne is the only platform that autonomously defends every endpoint against every type of attack, at every stage in the threat lifecycle. Our work with Microsoft is a true testament to our efficacy, performance and visionary engineering prowess,” said Tomer Weingarden, CEO and co-founder, SentinelOne. “We are laser focused on providing the industry’s most advanced and open endpoint protection platform. This tight integration furthers our mission to secure every endpoint, and protect every edge of the network, regardless of hardware or OS.”

By applying machine learning and AI, SentinelOne Endpoint Protection Platform (EPP) proactively protects from advanced threats, as well as detects and remediates endpoint issues fully automatically. SentinelOne’s Behavioral AI engine monitors each system process providing not only superior protection from the widest array of attack vectors, but also yielding unparalleled endpoint visibility.

Within the Windows Defender ATP console, every device has its own rich machine timeline, with event history for up to six months that can be instantaneously and easily searched as well as actioned. SentinelOne customers can easily integrate with Windows Defender ATP and implement the service with just a few clicks. There are no requirements for any additional infrastructure, and once the integration is configured, new events from onboarded MacOS and Linux devices start natively surfacing into the Windows Defender ATP console.

“In a modern security environment, security teams need to monitor a variety of devices, including Windows, Linux and MacOS platforms.” said Moti Gindi, General Manager for Windows Cyber Defense, Microsoft. “SentinelOne’s solution integrates with Windows Defender ATP to monitor Mac and Linux endpoints’ activity and apply machine learning to dynamically detect attacks in real-time. This provides customers with a single integrated view of their endpoints security across platforms.”

SentinelOne is consistently rated the top EPP product by customers, leading AV testing organizations and received a “recommended” rating for Advanced Endpoint Protection from NSS Labs. In a recent third party evaluation by AV Test on SentinelOne’s ability to prevent cyber threats on the Mac platform, it was lauded for its ability to “fend off all attackers 100 percent, resulting only in an additional system load of one second.” Compared to competitive products, SentinelOne’s protection requires three to five percent less resources.

Beta access to the integrated SentinelOne/Windows Defender ATP solution is now available.

About SentinelOne

SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects and responds to attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real time for both on premise and cloud environments and is the only solution to provide full visibility across networks directly from the endpoint. To learn more visit or follow us at @SentinelOne, on LinkedIn or Facebook.

Brian Merrill
fama PR for SentinelOne
P: 1.617.986.5005