SentinelOne, the autonomous endpoint protection company, has unveiled its Singularity Platform. Singularity is an industry-first data lake that seamlessly fuses together the data, access, control, and integration planes of its endpoint protection (EPP), endpoint detection and response (EDR), IoT security, and cloud workload protection (CWPP) into a centralised platform. With Singularity, organisations gain access to back-end data across the organisation through a single solution, providing a cohesive view of their network and assets by adding a real-time autonomous security layer across all enterprise assets.
“Today’s CISOs don’t want or need more data; they want context and intelligence to make existing data actionable and meaningful,” said Tomer Weingarten, CEO and Co-founder, SentinelOne. “Evolving technologies and enterprise architecture change the surface area that can be exploited by attackers and threats. From endpoints and IoT devices at the edge, to servers and virtual machines in data centres, to containerised cloud workloads, Singularity delivers on our promise of unrivalled product innovation. We deliver a comprehensive view of the entire enterprise to help organisations defend against every attack, at every stage in the threat lifecycle, through a singular autonomous platform.”
SentinelOne is the first security offering to expand from cloud-native yet autonomous protection to a full cybersecurity platform – with the same single codebase and deployment model – and the first to incorporate IoT and CWPP into an XDR platform. Singularity provides an easy-to-manage platform that prevents, detects, responds, and hunts in the context of all enterprise assets, allowing organisations to see what has never been seen before and control the unknown. It is the only platform powered by AI that provides advanced threat hunting and complete visibility across every device, virtual or physical, on-prem or in the cloud.
Endpoint Protection (EPP)
SentinelOne’s EPP provides prevention of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context and real-time forensics. As the pioneer of behavioural AI, SentinelOne’s multiple patented AI algorithms protect against – and even automatically remediate – the widest array of threat vectors without dependence on connectivity, cloud latency, or human intervention.
Endpoint Detection & Response (EDR)
Going beyond traditional and next-generation antivirus and EDR solutions, SentinelOne’s ActiveEDR allows security teams to quickly understand the story and root cause behind threat actors and autonomously respond. The Deep Visibility Threat Hunting module provides a rich, pre-indexed, and rapid context-based approach to threat hunting across encrypted and unencrypted traffic. Analysts can eliminate the tedious busy work of PID tree walking and the hours spent trying to understand adversary actions. Instead, with ActiveEDR, everyone from advanced SOC analysts to novice security teams can benefit from fast access to the context they need in order to remediate threats and defend against advanced attacks.
IoT Discovery & Control
SentinelOne Ranger fortifies SentinelOne-protected devices with IoT discovery and segmentation capabilities. Ranger not only detects rogue and smart devices, but also segments for IoT control. All IoT data is seamlessly integrated into Singularity for ease of threat hunting and never-seen-before context. Using AI to monitor and control access to every IoT device, SentinelOne allows machines to solve a problem that has previously been impossible to address at scale.
Container Workload Protection
SentinelOne’s cloud-native and workload protection is powered by SentinelOne’s patented Behavioural AI and autonomous response capabilities. Supported on all major Linux platforms, physical and virtual, cloud-native workloads, and Kubernetes containers, it provides prevention, detection, response, and hunting for today’s and tomorrow’s cyber threats. This includes malicious files and live attacks across cloud-native and containerised environments, offering advanced response options and autonomous remediation in real time.