SentinelOne Acquires Attivo Networks, Bringing Identity to XDR Learn More
SentinelOne Acquires Attivo Networks, Bringing Identity to XDR
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
Get a Demo
  • Platform
    The SentinelOne platform delivers the defenses you need to prevent, detect, and undo—known and unknown—threats.
    XDR Platform Overview
    Platform Packages
    SentinelOne for Zero Trust
    • Platform Packages
      • SingularitySingularity CompleteThe Future's Enterprise Security Platform
      • SingularitySingularity ControlSecurity with Suite Features
      • SingularitySingularity CoreCloud-Native NGAV
    • Platform Products
      • SingularitySingularity CloudContainer & Cloud
        Workload Security
      • SingularitySingularity IdentityIdentity Security
      • SentinelOneSentinelOne DataScalable Data Management
      • SingularitySingularity MobileMobile Threat Defense
      • SingularitySingularity RangerNetwork Visibility & Control
      • SingularitySingularity Ranger ADActive Directory Security
      • SingularitySingularity HologramAdversary Deception
      • SingularitySingularity XDR Power ToolsAdvanced XDR tools
  • Why SentinelOne?

    Why SentinelOne?

    SentinelOne is autonomous cybersecurity built for what’s next.

    Why SentinelOne
    Get a Demo
    • Why SentinelOne?
      • Our CustomersOur Customers Trusted by Leading Enterprises Around the Globe
      • About UsAbout Us The Industry Leader in Autonomous Cybersecurity
      • Industry RecognitionIndustry Recognition Tested & Proven
    • Compare SentinelOne
      • Vs CrowdStrike
      • Vs Microsoft Defender EPP+EDR
      • Vs Microsoft Defender XDR
      • Vs McAfee
      • Vs Symantec
      • Vs Carbon Black
      • Vs Palo Alto
      • Vs Trend Micro
    • Verticals
      • Energy
      • Federal Government
      • Finance
      • Healthcare
      • Higher Education
      • K-12 Education
      • Manufacturing
      • Retail
  • Services

    Global Services

    Augment leading technology with trusted expertise, and get set up for success with hands-on support and training.
    Services Overview
    Get Help Now
    • Threat Services
      • Vigilance Respond ProVigilance Respond Pro MDR + DFIR24x7 MDR with Full-Scale
        Investigation & Response
      • Vigilance RespondVigilance Respond MDRDedicated SOC
        Expertise & Analysis
      • WatchTower ProWatchTower Pro Threat HuntingDedicated Threat Hunting
        & Compromise Assessment
      • WatchTowerWatchTower Threat HuntingHunting for Active Campaigns
        & Emerging Threats
    • Support, Deployment, & Health
      • SentinelOne GOSentinelOne GO Guided Onboarding
        & Deployment Advisory
      • Support ServicesSupport Services Tiered Support Options
        for Every Organisation
      • Technical Account ManagementTechnical Account Management Customer Success with
        Personalised Service
      • SentinelOne UniversitySentinelOne University Live & On-Demand Training
  • Partners

    Partner Program

    See how SentinelOne works with trusted names worldwide to enhance programs, process, and technology.
    Program Overview
    • OUR NETWORK
      • Singularity MarketplaceSingularity Marketplace Extend the Power of S1 Technology
      • Technology AlliancesTechnology Alliances See Integrated, Enterprise-Scale Solutions
      • Channel PartnersChannel Partners Deliver the Right Solutions. Together
      • Cyber Risk PartnersCyber Risk Partners Enlist Pro Response & Advisory Terms
      • SentinelOne for AWSSentinelOne for AWS SentinelOne hosted in AWS
        regions around the world.
  • Resources

    Resources

    Your go-to source for the latest SentinelOne digital content, from webinars to white papers, and everything in between.
    Resource Center
    • Resource Center
      • Case Studies
      • Data Sheets
      • eBooks
      • Reports
      • Videos
      • Webinars
      • White Papers
    • Blog
      • Company
      • Cyber Response
      • Data Platform
      • Feature Spotlight
      • For CISO/CIO
      • From the Front Lines
      • Identity
      • Integrations & Partners
      • macOS
      • Podcasts
      • The Good, the Bad and the Ugly
    • Tech Resources
      • Sentinel 101
      • SentinelLabs
  • Company

    Company

    Here you will find all things SentinelOne. See how SentinelOne is redefining cybersecurity by pushing the boundariesof autonomous technology.

    • About SentinelOne
      • About SentinelOneAbout SentinelOne The Industry Leader
        in Cybersecurity
      • CareersCareers The Latest Job Opportunities
      • F1 RacingF1 Racing SentinelOne &
        Aston Martin F1 Team
      • Investor RelationsInvestor Relations Financial Information
        & Events
      • NewsNews Media Coverage & More
      • PressPress Company Announcements
      • FAQFAQ Get Answers to Our Most
        Frequently Asked Questions
      • BrandBrand SentinelOne Brand Guidelines
      • LabsLabs Threat Research for the
        Modern Threat Hunter
      • Cybersecurity BlogCybersecurity Blog The Latest Cybersecurity Threats, News, & More
      • DataSetDataSet The Live Data Platform
Back
  • Platform
    The SentinelOne platform delivers the defenses you need to prevent, detect, and undo—known and unknown—threats.
    XDR Platform Overview
    Platform Packages
    SentinelOne for Zero Trust
    • Platform Packages
      • SingularitySingularity CompleteThe Future's Enterprise Security Platform
      • SingularitySingularity ControlSecurity with Suite Features
      • SingularitySingularity CoreCloud-Native NGAV
    • Platform Products
      • SingularitySingularity CloudContainer & Cloud
        Workload Security
      • SingularitySingularity IdentityIdentity Security
      • SentinelOneSentinelOne DataScalable Data Management
      • SingularitySingularity MobileMobile Threat Defense
      • SingularitySingularity RangerNetwork Visibility & Control
      • SingularitySingularity Ranger ADActive Directory Security
      • SingularitySingularity HologramAdversary Deception
      • SingularitySingularity XDR Power ToolsAdvanced XDR tools
  • Why SentinelOne?

    Why SentinelOne?

    SentinelOne is autonomous cybersecurity built for what’s next.

    Why SentinelOne
    Get a Demo
    • Why SentinelOne?
      • Our CustomersOur Customers Trusted by Leading Enterprises Around the Globe
      • About UsAbout Us The Industry Leader in Autonomous Cybersecurity
      • Industry RecognitionIndustry Recognition Tested & Proven
    • Compare SentinelOne
      • Vs CrowdStrike
      • Vs Microsoft Defender EPP+EDR
      • Vs Microsoft Defender XDR
      • Vs McAfee
      • Vs Symantec
      • Vs Carbon Black
      • Vs Palo Alto
      • Vs Trend Micro
    • Verticals
      • Energy
      • Federal Government
      • Finance
      • Healthcare
      • Higher Education
      • K-12 Education
      • Manufacturing
      • Retail
  • Services

    Global Services

    Augment leading technology with trusted expertise, and get set up for success with hands-on support and training.
    Services Overview
    Get Help Now
    • Threat Services
      • Vigilance Respond ProVigilance Respond Pro MDR + DFIR24x7 MDR with Full-Scale
        Investigation & Response
      • Vigilance RespondVigilance Respond MDRDedicated SOC
        Expertise & Analysis
      • WatchTower ProWatchTower Pro Threat HuntingDedicated Threat Hunting
        & Compromise Assessment
      • WatchTowerWatchTower Threat HuntingHunting for Active Campaigns
        & Emerging Threats
    • Support, Deployment, & Health
      • SentinelOne GOSentinelOne GO Guided Onboarding
        & Deployment Advisory
      • Support ServicesSupport Services Tiered Support Options
        for Every Organisation
      • Technical Account ManagementTechnical Account Management Customer Success with
        Personalised Service
      • SentinelOne UniversitySentinelOne University Live & On-Demand Training
  • Partners

    Partner Program

    See how SentinelOne works with trusted names worldwide to enhance programs, process, and technology.
    Program Overview
    • OUR NETWORK
      • Singularity MarketplaceSingularity Marketplace Extend the Power of S1 Technology
      • Technology AlliancesTechnology Alliances See Integrated, Enterprise-Scale Solutions
      • Channel PartnersChannel Partners Deliver the Right Solutions. Together
      • Cyber Risk PartnersCyber Risk Partners Enlist Pro Response & Advisory Terms
      • SentinelOne for AWSSentinelOne for AWS SentinelOne hosted in AWS
        regions around the world.
  • Resources

    Resources

    Your go-to source for the latest SentinelOne digital content, from webinars to white papers, and everything in between.
    Resource Center
    • Resource Center
      • Case Studies
      • Data Sheets
      • eBooks
      • Reports
      • Videos
      • Webinars
      • White Papers
    • Blog
      • Company
      • Cyber Response
      • Data Platform
      • Feature Spotlight
      • For CISO/CIO
      • From the Front Lines
      • Identity
      • Integrations & Partners
      • macOS
      • Podcasts
      • The Good, the Bad and the Ugly
    • Tech Resources
      • Sentinel 101
      • SentinelLabs
  • Company

    Company

    Here you will find all things SentinelOne. See how SentinelOne is redefining cybersecurity by pushing the boundariesof autonomous technology.

    • About SentinelOne
      • About SentinelOneAbout SentinelOne The Industry Leader
        in Cybersecurity
      • CareersCareers The Latest Job Opportunities
      • F1 RacingF1 Racing SentinelOne &
        Aston Martin F1 Team
      • Investor RelationsInvestor Relations Financial Information
        & Events
      • NewsNews Media Coverage & More
      • PressPress Company Announcements
      • FAQFAQ Get Answers to Our Most
        Frequently Asked Questions
      • BrandBrand SentinelOne Brand Guidelines
      • LabsLabs Threat Research for the
        Modern Threat Hunter
      • Cybersecurity BlogCybersecurity Blog The Latest Cybersecurity Threats, News, & More
      • DataSetDataSet The Live Data Platform
Get a Demo
  • 1-855-868-3733
  • Contact
  • Cybersecurity Blog
Experiencing a Breach?

SentinelOne Unveils Storyline Active Response (STAR) To Transform XDR

Customized and Dynamic Detection Rules Coupled with Automated Responses Replace Legacy EDR Watchlists

Mountain View, Calif. – August 4, 2021 – SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today unveiled SentinelOne Storyline Active Response (STAR)™, its cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne’s ActiveEDR ®, STAR empowers security teams to create custom detection and response rules and deploy them in real-time to the entire network or desired subset, to proactively detect and respond to threats. STAR also enables security teams to turn these queries into hunting rules that trigger alerts and automated responses when rules detect matches. STAR replaces the need for manual, one-off, and labor-intensive legacy EDR activities with automated, customized responses – empowering SOC teams to stay a step ahead of the rapidly evolving threat landscape. Unlike legacy EDR watchlists, STAR can protect against new threats without software updates, write customized MITRE-compatible detection logic, and add rules for industry-specific threats at machine speed.

The SentinelOne Singularity XDR platform is built on the foundation of Storyline technology. Storyline leverages patented behavioral AI to monitor, track, and contextualize all event data across endpoints, cloud workloads, and IoT devices. The output is a dynamic model which scores risk and connects disparate event data automatically into an understandable story at machine speed. Storyline Active Response adds capability to the output of the Storyline technology to customize detection and automate responses.

“Despite advancements over the past few years, EDR products are still human-powered and dependent on manual work to respond to attacks. The result is a growing time gap which benefits the adversary in compromising enterprises,” said Yonni Shelmerdine, Head of XDR Products and Strategy, SentinelOne. “We built STAR to enable SOC teams to be proactive and efficient. The “R” of EDR – response – has always been too resource-intensive and is the weak spot where today’s products, people, and processes fall short. STAR is a natural evolution of our best-in-class visibility and advanced detection capabilities, enabling enterprises to benefit from the automation, scale, and speed that we’re bringing to the XDR era.”

Nationstates and cybercrime groups are continually automating their tactics, techniques, and procedures (TTPs) to avoid being detected within networks. EDR products are producing data at the scale of billions of events per day, creating an analysis and response challenge beyond the limits of human capacity. SentinelOne STAR alleviates this burden, leveraging technology to automatically respond to threats.

“In the face of ever-evolving attacks, time and automation are key to neutralizing them,” said Ben Auch, Sr. Director of Cybersecurity at Gannett. “SentinelOne STAR provides our security team the ability to write custom TTP and IOC detection rules to target threats specific to our environment and to kill the threats automatically. Also, unlike legacy watchlists, STAR lets us easily pivot from hunting threats to creating threat detection rules in real-time without needing to make any configuration changes. SentinelOne has been a great partner to us in all stages and continues to innovate and pioneer new solutions in the market.”

To learn more about how STAR can customize detection rules and automate response to fit your business and environment, please visit: ​​https://www.sentinelone.com/platform/singularity-xdr-power-tools/

About SentinelOne

SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform.

Press

Maryellen Sartori
fama PR for SentinelOne
P: 617-986-5035
E: [email protected]

For CISO/CIO | 8 minute read

How to Stay Ahead of the Adversary in 2022 | A Cybersecurity Checklist

May 18, 2022
Identity | 4 minute read

Denonia Malware Targets AWS Lambda Environments

May 16, 2022
For CISO/CIO | 6 minute read

Threat Landscape | The Most Dangerous Cloud Attack Methods In The Wild Today

May 12, 2022
From the Front Lines | 6 minute read

From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win

May 9, 2022

Purpose Built to Prevent Tomorrow’s Threats.

Today.

Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify every edge of the network with realtime autonomous protection.
Get a demo
Company
  • Our Customers
  • Why SentinelOne
  • Platform
  • About
  • Partners
  • Support
  • Careers
  • Legal & Compliance
  • Security & Compliance
  • Contact Us
  • Investor Relations
Resources
  • Blog
  • Labs
  • Hack Chat
  • Press
  • News
  • FAQ
  • Resources
Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

[email protected]

Sign Up For Our Newsletter
Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!
English
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
©2022 SentinelOne, All Rights Reserved.
Privacy Policy Terms of Service