SentinelOne

SentinelOne is an EPP and EDR product that provides a unified solution for prevention, detection, response, and remediation.

It can be installed on servers and workstations and supports Windows, Linux, and Mac.

The solution includes advanced threat protection against ransomware, fileless attacks, memory-based attacks, and much more.

SentinelOne can replace or work side by side with any antivirus.

With one efficient agent and an easy-to-use console (cloud or on-premise), the solution includes:

- Prevention (for files before running) against known and unknown threats
- Identification (at the stage of execution / operation) of live threats, based on operating-system-level analysis, with real-time process kill, especially for memory-based attacks
- Repair (after execution), including actions such as isolation from the network, remediation of unusual activity, and a rollback function for ransomware attacks, along with deep investigation and forensics of the whole event
- In addition, the SentinelOne product includes EDR capabilities: full visibility into endpoint and network traffic, including encrypted data, without changing network topology, and real-time correlation for IOC hunting