Experiencing a Breach?

SentinelOne

University

SentinelOne offers professional training courses to enhance your cybersecurity and endpoint protection skills.

Designed to Educate

Professionals in all Industries

Cyber criminals use sophisticated techniques to breach corporate networks, accordingly cyber security specialists must learn how to prevent, detect, respond, and hunt for security breaches.  SentinelOne University training courses are designed to educate professionals in the latest SentinelOne EPP & EDR technology and prepare them with the skills and workflows necessary to improve and strengthen the security of their corporate network.

 

The SentinelOne University program provides flexible training options, from Live In-Person, Live On-Line, On-Demand technology training, and custom private On-Site training events.

SentinelOne University

Courses

Courses:

S1-200 SentinelOne Core Workshop
S1-201 SentinelOne Administrator Course
S1-202 SentinelOne Investigator Course
S1-203 SentinelOne Fundamentals Course
S1-204 SentinelOne Ranger Course
S1-301 SentinelOne IR Threat Hunting Course

The course catalog is your guide to the SentinelOne University collection of training courses.

The catalog contains the syllabi of all of the current courses offered.

Current Class Schedule

On-Demand Training

SentinelOne University offers On-Demand training that allows participants to learn anytime and anywhere, at their own pace. Participants will have access to video lectures and course materials. Courses are taught by SentinelOne University certified instructors and the On-Demand environment allows you to watch from your desktop or mobile devices.

How to register for SentinelOne University On-Demand courses:

• Start by purchasing Training Credits. You can contact your sales representative and purchase Training Credits. (See Training Credits for more information).

• After you purchase the Training Credits for the course, you contact SentinelOne University at [email protected] and request access to the On-Demand Learning Environment.

• You will have access to the course manual and the videos that you can watch at your pace with the ability to pause, rewind, move forward or watch again.

• The course is valid for a period of 120 days.

• Once you have completed each section, you will be offered a review exam to reinforce the learning objectives.

• After you complete all of the sections, you will be offered a comprehensive exam. Successful completion of the exam will grant you a Certificate of Completion to the course. The passing score is 80% and you receive two attempts to pass.


SentinelOne University courses available On-Demand

· S1-200 SentinelOne Core Workshop (1 Training Credit)

Continue to check for new courses as they are added.

Training Credits

Training Credits Overview

  • Training Credits are designed for individuals and companies that want to purchase training for multiple employees and need the flexibility to decide who attends the training and when.
  • Training Credits can be used to purchase online and on-site training courses as well as pay for SentinelOne Certification exams.
  • Ideal for volume license agreements, large projects, and end-of-year budget purchases.
  • Training credits cannot be used for T&E or other course-related expenses.
  • Clients will be responsible for the actual T&E after the training event is complete.

Training Credits Guidelines

  • There are no minimum purchase requirements or Training Credits.
  • Training Credits must be redeemed within one year from the date of purchase.
  • Training Credits due to expire can be extended one more year with the purchase of additional training credits.
  • Unused Training Credits at the end of one year are non-refundable.

Training Credit Details

Training Credits can be used for:

  • SentinelOne Training Courses (Public Online or Private On-Site)
  • SentinelOne Certification exam fees
  • When applied to training, Training Credits must be used for training that begins before the expiration date.
  • The customer must designate a primary point of contact who will be authorized to schedule training for their employees.
  • If a class attendee needs to reschedule a course, they must do so before the class starts in order to receive a credit refund.
  • Any class attendees who fail to attend a course and do not notify training prior to the class starting will forfeit the Training Credits for that course.
  • Enrollment in any class or exam can be completed by emailing [email protected].

Training Credit Details

SentinelOne Core Workshop
1 Day Course – 2 Credits per seat

SentinelOne Administrator Course
1 Day Course – 2 Credits per seat

SentinelOne Investigator Course
2 Day Course – 4 Credits per seat

SentinelOne Fundamentals Course
3 Day Course – 6 Credits per seat

SentinelOne Ranger Course
½ Day Course – ½ Credit per seat

SentinelOne Custom Training Courses
2 Credits per day per seat

SentinelOne IR Threat Hunting Course
1 Day Course - 2 Credits per seat

Contact SentinelOne Sales for more information and pricing: - [email protected]

Certifications

SentinelOne Certified Administrator (SCA)

The SCA certification recognizes administrators who meet the knowledge and skills of administering the SentinelOne platform.  Prerequisites for this certification are the SentinelOne Administrator course (S1-201) and the SentinelOne Ranger Workshop (S1-204).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Policy settings
  •         SentinelOne EDR platform configuration
  •         Site and Group creations
  •         User management
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Integrations and Notifications
  •         Application Risk Management
  •         Running reports
  •         Review the Activity page
  •         Ranger configuration
  •         Ranger Inventory review

SentinelOne Certified Investigator (SCI)

The SCIR certification recognizes Incident Investigators and Analysts who meet the knowledge and skills of identifying and responding to threats on the SentinelOne platform.  The prerequisite for this certification is the SentinelOne Investigator course (S1-202) or the SentinelOne Fundamentals course (S1-203).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Identifying alerts
  •         Analyzing alerts
  •         Different detection engines
  •         Reviewing Forensic details

o   Classification

o   Status

o   Risk levels

o   Detection type

o   Indicators

o   Network Connections

o   Attack Overview

o   Attack Story Line

o   Raw Data Report

  •         Taking actions on Suspicious and Threat notifications
  •         Using Blacklists and Exclusions
  •         Using Firewall and Device Controls
  •         Reviewing Application Risk Management
  •         Reviewing the Activity page
  •         Regular Expressions
  •         Deep Visibility

SentinelOne Certified Incident Responder (SCIR)

The SCIR certification recognizes individuals who meet the basic knowledge and skills of administering the SentinelOne console, identifying and responding to threats on the SentinelOne platform and Threat Hunting.  The prerequisites for this certification are the SentinelOne Core Workshop (S1-200) and the SentinelOne Threat Hunting Workshop (S1-205).  The open book examination contains 60 questions and applicants are allowed 90 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Basic SentinelOne platform configuration and settings
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Application Risk Management
  •         Running reports
  •         Identifying and responding to alerts
  •         Regular Expressions
  •         Deep Visibility Threat Hunting

SentinelOne Certified Advanced Incident Responder (SCAIR)

The SCAIR certification recognizes individuals who meet the knowledge and skills of administering the SentinelOne console, identifying and responding to threats on the SentinelOne platform.  The prerequisites for this certification are the SentinelOne Administrator course (S1-201), the SentinelOne Investigator course (S1-202) and the SentinelOne Threat Hunting Workshop (S1-205) or the SentinelOne Fundamentals course (S1-203) and the SentinelOne Threat Hunting Workshop (S1-205).  The open book examination contains 90 questions and applicants are allowed 120 minutes to complete the examination.  It is recommended that the applicants have access to the SentinelOne platform.  Applicants who are unsuccessful in their first attempt can retake the examination after 30 days.  The exam is designed to test the applicant’s knowledge on:

  •         Policy settings
  •         SentinelOne EDR platform configuration
  •         Site and Group creations
  •         User management
  •         Agent deployment and management
  •         Administrating the Blacklist and Exclusions
  •         Administrating Firewall and Device Controls
  •         Integrations and Notifications
  •         Application Risk Management
  •         Running reports
  •         Ranger configuration
  •         Ranger Inventory review
  •         Identifying alerts
  •         Analyzing alerts
  •         Different detection engines
  •         Reviewing Forensic details

o   Classification

o   Status

o   Risk levels

o   Detection type

o   Indicators

o   Network Connections

o   Attack Overview

o   Attack Story Line

o   Raw Data Report

  •         Responding to Suspicious and Threat notifications
  •         Reviewing the Activity page
  •         Regular Expressions
  •         Deep Visibility Threat Hunting

Contact Training


To contact training for more information at [email protected]

Purpose Built to Prevent Tomorrow’s Threats.

Today.

Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify every edge of the network with realtime autonomous protection.