OneCon Logo Don’t miss OneCon23! SentinelOne’s Customer Conference. Register Now
Don’t miss OneCon23! SentinelOne’s Customer Conference.
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
S1 Logo Color Light S1 Logo Color
Platform
  • Platform Overview
    • Singularity Platform Welcome to Integrated
      Enterprise Security
    • Singularity XDR Native & Open Protection,
      Detection, and Response
    • Singularity Data Lake AI-Powered,
      Unified Data Lake
    • How It Works The Singularity XDR Difference
    • Singularity Marketplace One-Click Integrations to Unlock the Power of XDR
  • Surfaces
    • Endpoint Autonomous Prevention, Detection, and Response
    • Cloud Autonomous Runtime Protection for Workloads
    • Identity Autonomous Identity & Credential Protection
  • Platform Packages
    • Singularity Complete The Standard for Enterprise Cybersecurity
    • Singularity Control Organization-Wide
      Protection and Control
    • Singularity Core Cloud-Native NGAV
    • Package Comparison Our Platform at a Glance
  • Platform Products
    • Singularity Cloud Container, VM, and Server Workload Security
    • Singularity Mobile Mobile Threat Defense
    • Singularity Cloud Data Security AI-Powered Threat Detection
    • Singularity RemoteOps Orchestrate Forensics at Scale
    • Singularity Identity Identity Threat Detection
      and Response
    • Singularity CloudFunnel Cloud-to-Cloud Telemetry Streaming
    • Singularity Ranger AD Active Directory Attack Surface Reduction
    • Singularity BinaryVault Automatic File Sample Collection
    • Singularity Ranger Rogue Asset Discovery
    • Singularity Hologram Deception Protection
Why SentinelOne?
  • Why SentinelOne?
    • Why SentinelOne? Cybersecurity Built
      for What’s Next
    • Our Customers Trusted by the World’s Leading Enterprises
    • Industry Recognition Tested and Proven
      by the Experts
    • About Us The Industry Leader in Autonomous Cybersecurity
  • Compare SentinelOne
    • CrowdStrike Cyber Dependent
      on a Crowd
    • McAfee Pale Performance,
      More Maintenance
    • Microsoft Platform Coverage
      That Compromises
    • Trend Micro The Risk of DevOps Disruption
    • Palo Alto Networks Hard to Deploy,
      Harder to Manage
    • Carbon Black Adapt Only as Quickly
      as Your Block Lists
    • Symantec Security Limited
      to Signatures
  • Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
Services
  • Threat Services
    • Vigilance Respond Pro
      MDR + DFIR
      24x7 MDR with Full-Scale Investigation & Response
    • WatchTower Pro
      Threat Hunting
      Dedicated Hunting & Compromise Assessment
    • Vigilance Respond
      MDR
      Dedicated SOC
      Expertise & Analysis
    • WatchTower
      Threat Hunting
      Hunting for Emerging Threat Campaigns
    Services Overview
  • Support, Deployment, & Health
    • Technical Account Management Customer Success with Personalized Service
    • SentinelOne GO Guided Onboarding & Deployment Advisory
    • SentinelOne University Live and On-Demand Training
    • Support Services Tiered Support Options for Every Organization
    • SentinelOne Community Community Login
Partners
  • Our Network
    • MSSP Partners Succeed Faster
      with SentinelOne
    • Singularity Marketplace Extend the Power
      of S1 Technology
    • Cyber Risk
      Partners
      Enlist Pro Response
      and Advisory Teams
    • Technology Alliances Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS Hosted in AWS Regions Around the World
    • Channel Partners Deliver the Right
      Solutions, Together
    Program Overview
Resources
  • Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • White Papers
    View All Resources
  • Blog
    • Cyber Response
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog
  • Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
About
  • About SentinelOne
    • About SentinelOne The Industry Leader in Cybersecurity
    • Investor Relations Financial Information & Events
    • SentinelLABS Threat Research for
      the Modern Threat Hunter
    • Careers The Latest Job Opportunities
    • Press & News Company Announcements
    • Cybersecurity Blog The Latest Cybersecurity Threats, News, & More
    • F1 Racing SentinelOne &
      Aston Martin F1 Team
    • FAQ Get Answers to Our Most Frequently Asked Questions
    • DataSet The Live Data Platform
    • S Foundation Securing a Safer Future for All
    • S Ventures Investing in the Next Generation
      of Security and Data
    • Brand SentinelOne Brand Guidelines
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
Get a Demo
S1 Logo Color Light S1 Logo Color
Navigation Arrow Left Back
Navigation Close
Platform
  • Platform Overview
    • Singularity Platform Welcome to Integrated
      Enterprise Security
    • Singularity XDR Native & Open Protection,
      Detection, and Response
    • Singularity Data Lake AI-Powered,
      Unified Data Lake
    • How It Works The Singularity XDR Difference
    • Singularity Marketplace One-Click Integrations to Unlock the Power of XDR
  • Surfaces
    • Endpoint Autonomous Prevention, Detection, and Response
    • Cloud Autonomous Runtime Protection for Workloads
    • Identity Autonomous Identity & Credential Protection
  • Platform Packages
    • Singularity Complete The Standard for Enterprise Cybersecurity
    • Singularity Control Organization-Wide
      Protection and Control
    • Singularity Core Cloud-Native NGAV
    • Package Comparison Our Platform at a Glance
  • Platform Products
    • Singularity Cloud Container, VM, and Server Workload Security
    • Singularity Mobile Mobile Threat Defense
    • Singularity Cloud Data Security AI-Powered Threat Detection
    • Singularity RemoteOps Orchestrate Forensics at Scale
    • Singularity Identity Identity Threat Detection
      and Response
    • Singularity CloudFunnel Cloud-to-Cloud Telemetry Streaming
    • Singularity Ranger AD Active Directory Attack Surface Reduction
    • Singularity BinaryVault Automatic File Sample Collection
    • Singularity Ranger Rogue Asset Discovery
    • Singularity Hologram Deception Protection
Why SentinelOne?
  • Why SentinelOne?
    • Why SentinelOne? Cybersecurity Built
      for What’s Next
    • Our Customers Trusted by the World’s Leading Enterprises
    • Industry Recognition Tested and Proven
      by the Experts
    • About Us The Industry Leader in Autonomous Cybersecurity
  • Compare SentinelOne
    • CrowdStrike Cyber Dependent
      on a Crowd
    • McAfee Pale Performance,
      More Maintenance
    • Microsoft Platform Coverage
      That Compromises
    • Trend Micro The Risk of DevOps Disruption
    • Palo Alto Networks Hard to Deploy,
      Harder to Manage
    • Carbon Black Adapt Only as Quickly
      as Your Block Lists
    • Symantec Security Limited
      to Signatures
  • Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
Services
  • Threat Services
    • Vigilance Respond Pro
      MDR + DFIR
      24x7 MDR with Full-Scale Investigation & Response
    • WatchTower Pro
      Threat Hunting
      Dedicated Hunting & Compromise Assessment
    • Vigilance Respond
      MDR
      Dedicated SOC
      Expertise & Analysis
    • WatchTower
      Threat Hunting
      Hunting for Emerging Threat Campaigns
    Services Overview
  • Support, Deployment, & Health
    • Technical Account Management Customer Success with Personalized Service
    • SentinelOne GO Guided Onboarding & Deployment Advisory
    • SentinelOne University Live and On-Demand Training
    • Support Services Tiered Support Options for Every Organization
    • SentinelOne Community Community Login
Partners
  • Our Network
    • MSSP Partners Succeed Faster
      with SentinelOne
    • Singularity Marketplace Extend the Power
      of S1 Technology
    • Cyber Risk
      Partners
      Enlist Pro Response
      and Advisory Teams
    • Technology Alliances Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS Hosted in AWS Regions Around the World
    • Channel Partners Deliver the Right
      Solutions, Together
    Program Overview
Resources
  • Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • White Papers
    View All Resources
  • Blog
    • Cyber Response
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog
  • Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
About
  • About SentinelOne
    • About SentinelOne The Industry Leader in Cybersecurity
    • Investor Relations Financial Information & Events
    • SentinelLABS Threat Research for
      the Modern Threat Hunter
    • Careers The Latest Job Opportunities
    • Press & News Company Announcements
    • Cybersecurity Blog The Latest Cybersecurity Threats, News, & More
    • F1 Racing SentinelOne &
      Aston Martin F1 Team
    • FAQ Get Answers to Our Most Frequently Asked Questions
    • DataSet The Live Data Platform
    • S Foundation Securing a Safer Future for All
    • S Ventures Investing in the Next Generation
      of Security and Data
    • Brand SentinelOne Brand Guidelines
Get a Demo
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog

SentinelOne Unveils Storyline Active Response (STAR) To Transform XDR

Customized and Dynamic Detection Rules Coupled with Automated Responses Replace Legacy EDR Watchlists

Mountain View, Calif. – August 4, 2021 – SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today unveiled SentinelOne Storyline Active Response (STAR)™, its cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne’s ActiveEDR ®, STAR empowers security teams to create custom detection and response rules and deploy them in real-time to the entire network or desired subset, to proactively detect and respond to threats. STAR also enables security teams to turn these queries into hunting rules that trigger alerts and automated responses when rules detect matches. STAR replaces the need for manual, one-off, and labor-intensive legacy EDR activities with automated, customized responses – empowering SOC teams to stay a step ahead of the rapidly evolving threat landscape. Unlike legacy EDR watchlists, STAR can protect against new threats without software updates, write customized MITRE-compatible detection logic, and add rules for industry-specific threats at machine speed.

The SentinelOne Singularity XDR platform is built on the foundation of Storyline technology. Storyline leverages patented behavioral AI to monitor, track, and contextualize all event data across endpoints, cloud workloads, and IoT devices. The output is a dynamic model which scores risk and connects disparate event data automatically into an understandable story at machine speed. Storyline Active Response adds capability to the output of the Storyline technology to customize detection and automate responses.

“Despite advancements over the past few years, EDR products are still human-powered and dependent on manual work to respond to attacks. The result is a growing time gap which benefits the adversary in compromising enterprises,” said Yonni Shelmerdine, Head of XDR Products and Strategy, SentinelOne. “We built STAR to enable SOC teams to be proactive and efficient. The “R” of EDR – response – has always been too resource-intensive and is the weak spot where today’s products, people, and processes fall short. STAR is a natural evolution of our best-in-class visibility and advanced detection capabilities, enabling enterprises to benefit from the automation, scale, and speed that we’re bringing to the XDR era.”

Nationstates and cybercrime groups are continually automating their tactics, techniques, and procedures (TTPs) to avoid being detected within networks. EDR products are producing data at the scale of billions of events per day, creating an analysis and response challenge beyond the limits of human capacity. SentinelOne STAR alleviates this burden, leveraging technology to automatically respond to threats.

“In the face of ever-evolving attacks, time and automation are key to neutralizing them,” said Ben Auch, Sr. Director of Cybersecurity at Gannett. “SentinelOne STAR provides our security team the ability to write custom TTP and IOC detection rules to target threats specific to our environment and to kill the threats automatically. Also, unlike legacy watchlists, STAR lets us easily pivot from hunting threats to creating threat detection rules in real-time without needing to make any configuration changes. SentinelOne has been a great partner to us in all stages and continues to innovate and pioneer new solutions in the market.”

To learn more about how STAR can customize detection rules and automate response to fit your business and environment, please visit: ​​https://www.sentinelone.com/platform/singularity-xdr-power-tools/

About SentinelOne

SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform.

Press

Maryellen Sartori
fama PR for SentinelOne
P: 617-986-5035
E: [email protected]

Company | 4 minute read

The Good, the Bad and the Ugly in Cybersecurity – Week 39

September 29, 2023
New GBU Weekly
Company | 12 minute read

Guarding the Gates of Learning | Cyber Threats in Education and How to Defend Against Them

September 28, 2023
macOS | 8 minute read

Sonoma in the Spotlight | What’s New and What’s Missing in macOS 14

September 27, 2023
Company | 6 minute read

LABScon23 Highlights | The Cyber Talks Everyone’s Discussing

September 26, 2023

Purpose Built to Prevent Tomorrow’s Threats. Today.

Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify the edges of your network with realtime autonomous protection.
Get a Demo
Company
  • Our Customers
  • Why SentinelOne
  • Platform
  • About
  • Partners
  • Support
  • Careers
  • Legal & Compliance
  • Security & Compliance
  • Contact Us
  • Investor Relations
Resources
  • Blog
  • Labs
  • Hack Chat
  • Press
  • News
  • FAQ
  • Resources
  • Ransomware Anthology
Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

[email protected]

Sign Up For Our Newsletter
Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!
English
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
©2023 SentinelOne, All Rights Reserved.
Privacy Policy Master Subscription Agreement
Footer Logo
Social Twitter White Social Facebook White Social Linkedin White Social Youtube White