SentinelOne, the highest-rated vendor in the Gartner 2020 EDR ‘Voice of the Customer’, is a certified endpoint protection platform (EPP) designed for a range of industries such as finance and healthcare. An EPP is a specific type of computer network security solution that focuses on detecting and terminating potential cyber threats on its clients’ remotely connected technology devices. SentinelOne use a static AI engine that replaces traditional signature methods and identifies unique malicious behaviours; this boosts end-user productivity as it removes the need for recurring scans. Organisations that rely on traditional antivirus protection often bear the cost of recovery and downtime after an attack.
SentinelOne also cover endpoint detection and response (EDR), IoT security and cloud workload protection (CWPP). They offer a range of protection against malware, ransomware, exploitation attacks and more. In addition, the platform enables users to alleviate the effects of any attacks and restores the system, which makes it immune from future threats. They utilise a technology which can anticipate attacks and stop them in their tracks by deeply inspecting emails, documents, files, browsers and more. Further benefits include transferability across a wide range of operating systems, including macOS and Linux, time savings due to the AI engines, and simple integration and management.
ConnectDS provide a fully managed SentinelOne service to protect and provide advanced visibility of all devices and network communications – monitored by our security team 24/7/365.
The tooling captures rich forensic data, which allows our Security Analysts to provide the expertise and processes to action threats automatically. Because our multilayered security tool maps to the MITRE ATT&CK™ framework, we can autonomously detect attacks in real time, providing our SOC team with immediate alerting and attack technique context.
This service provides continuous monitoring from our Security Operations Centre (SOC) to protect your organisation from both known and unknown threats: pre-execution, on-execution and post-execution.
Managed Security Monitoring Service
Our managed security monitoring is a comprehensive service that includes device control, EDR (Endpoint Detect & Respond), NGAV (Next Generation Anti-Virus) and Containment and Response.
A single agent is installed on all Windows/Mac/Linux server and desktop endpoints, all of which are then monitored and managed by our Security Operations Centre (SOC).
Device Control (Optional)
Ability to control endpoint activity such as enforcing host firewall rules, mitigating data exfiltration by enabling custom rules to prevent or control the usage of USB storage media, and preventing transfer of malicious code.
Next Generation Anti-Virus (NGAV)
Overcomes the limitations of traditional antivirus and provides pre-execution protection to detect and prevent advanced threats.
Endpoint Detect & Respond (EDR)
Deep endpoint visibility with the detection of malicious indicators allows our security teams to quickly detect and investigate suspicious activity and identify the root cause behind internal and external threats, misconfiguration and policy violations within the environment.
Containment and Response
Upon the detection of malicious code execution, our SOC can initiate containment of the compromise by remotely preventing any network activity through host isolation. In the event of a crypto attack, the rollback system detects and mitigates mass encryption and performs a rollback of the system to the pre-crypto state.