SentinelOne Cloud Workload Protection Platform

SentinelOne enhances EPP + EDR + typical Linux security with CWPP, Cloud Workload Protection Platform. Our CWPP compatible Linux Agent evaluates attacks locally, at machine speed. Malicious actors can be identified and expelled in real-time. Our SaaS-managed Agent runs these engines:

  • Static AI file analysis

  • SentinelOne patented Behavioral AI analysis of code execution

  • EDR artifact collection

  • Multiple real-time protective response mechanisms

The CWPP Agent is now deployed to Kubernetes, for orchestration that gives zero-minute protection and consistent uptime.

The CWPP Agent supports self-managed Kubernetes (such as KOPS), AWS EKS, Azure AKS, and Google GKE (soon). SentinelOne provides all this without treading on kernel space, with the smallest possible footprint on endpoint resources.

SentinelOne CWPP Agent highlights:

  • Protects containers and does not interfere with them.

  • Protects against container escape.

  • Deploys one Agent for each Kubernetes node, for reduced IT requirements.

  • Automatically scales as you add nodes to the cluster, with a native Kubernetes daemonset.

  • Provides visibility of affected implementations, EDR historical data, Kubernetes attribute information, and more.