SentinelOne Product Review

Endpoint detection and response (EDR) is a vital tool for creating an effective security infrastructure for your organization. Endpoints are the most common entry point for malware and other malicious attackers, and protecting them is more important than ever with the boom in remote work due to the COVID-19 pandemic.

About SentinelOne

SentinelOne is an advanced EDR tool that uses AI-powered threat detection and response. It combines EDR and endpoint protection platform (EPP) capabilities and operates across all aspects of a network, including endpoints, containers, cloud workloads and internet of things (IoT) devices. SentinelOne was named one of our Top Endpoint Detection & Response (EDR) Solutions for 2021.

Its patented behavioral and static AI models provide powerful automation for identifying and blocking threats. SentinelOne offers protection against executables, memory-only malware, exploits in documents, spear phishing emails, macros, drive-by downloads and other browser exploits, scripts such as Powershell, and credential encroachments.

SentinelOne was named the top-rated endpoint protection platform by Gartner Peer Insights. They recently launched a research division made up of security experts to help protect against evolving advanced threats.

SentinelOne has raised $700 million in funding since being founded in 2013. The vendor also recently acquired Scalyr, a log management, server monitoring and event data analytics provider for $155 million. This move was meant to extend the platform’s monitoring and analysis capabilities beyond endpoints and across an entire enterprise and cloud attack surface.

SentinelOne proved itself to be a powerful enough solution for Amazon to make available on the AWS marketplace so customers can rapidly deploy the solution.

Notable features

SentinelOne offers a number of key features that make it a comprehensive EDR solution.

Administration

Sentinel one simplifies endpoint management. It offers a centralized console for managing assets and discovering and controlling devices.

Detection and response

Machine learning and AI allow SentinelOne to anticipate and identify threats in real-time. It continuously hunts for threats throughout a network, using patented behavioral AI to recognize potentially malicious behavior. It can detect fileless, zero-day and nation-grade attacks.

SentinelOne also provides automated responses. When threats are detected, it can isolate, quarantine and even remediate issues without human intervention.

Analytics

Part of what makes SentinelOne such a powerful solution is its analytics-based approach to threat detection and response. The combination of data collection, behavioral analysis, AI and machine learning, as well as robust incident reporting, provides an abundance of threat intelligence to proactively identify new threats and offer effective remediation. This is further bolstered by the acquisition of Scalyr.

SentinelOne plans

SentinelOne does not release pricing information on its website. Contact the vendor for custom enterprise pricing tailored to meet the varying needs of your organization.

SentinelOne case studies

SentinelOne is best suited for enterprise organizations. It can support use cases across a variety of industries. Here are some example case studies:

• Fever-Tree
• MITRE
• Hitachi Consulting
• AVX
• TGI Fridays

Top SentinelOne Alternatives