In addition to creating the world’s most advance endpoint protection Solutions, we are also dedicated to protecting all the data that we collect subscribers to the Solutions, in accordance with industry best standards and practices. Our customers demand the highest levels of data security, and many have tested our Solutions to verify that it meets their standards. We have surpassed expectations and received high praises from some of the most sophisticated, security-minded organizations in the world.
We recognize that our customers’ information must be well managed, controlled and protected. To that end, We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses high-quality network security, application security, identity and access controls, change management, vulnerability management and third-party pentesting, log/event management, vendor risk management, physical security, endpoint security, physical security, governance & compliance, and people/HR security, disaster recovery and a host of additional controls. Among other things, Our servers are protected by high-end firewall systems, scans are performed regularly to ensure that any exposed vulnerabilities are quickly found and patched, complete penetration tests are performed yearly, customer data is processed and stored at a specific location known to the customer within a specific region such as North America, Europe or Asia, access to systems is restricted to specific individuals based on “need to know” principles and monitored and audited for compliance, We use Transport Layer Security (TLS) encryption (also known as HTTPS) for all customer data transfers, and customers can elect to have all their data encrypted at rest Our Solutions are hosted by AWS, which is independently audited using the ISO 27001 and SOC3 TypeII Standards as described here. To ensure that we maintains the highest possible levels of information security, SentinelOne has procured the auditing services of a reputable third party auditors and audits its information security practices annually under the ISO27001 Standard SentinelOne is also working on a FedRAMP compliance program, with full certification expected in mid-2019.
Finally, if you are a customer we ask that you ensure that your administrators of the Solutions ensure sound security practices in maintaining access credentials to your instance of the Solutions, including strong account passwords and access restrictions to your accounts to authorized persons. Where customers become aware of a compromise to any of their account credentials, we ask that you notify us immediately by contacting our Support Team.