Cyber Basics

What is SentinelOne?

SentinelOne is an Endpoint Detection and Response (EDR) solution powered by artificial intelligence and machine learning to detect threats that conventional antivirus would simply miss. Unlike traditional antivirus software, which works retroactively to detect threats based on signatures, SentinelOne works proactively to detect unusual behaviour.

Signature-based antivirus systems are totally inadequate at repelling ransomware attacks. By focusing on behaviour, SentinelOne ActiveEDR can detect suspicious patterns or activities. Processes identified as threats are killed or isolated before they can spread, providing superior ransomware protection.

The proof is in the numbers

SentinelOne is used by world-renowned brands like Estée Lauder, Aston Martin, and Autodesk, as well as four of the Fortune 10 companies, to protect a trillion dollars of business across millions of endpoints.

SentinelOne has received several awards from its customers, including Gartner Best Endpoint Detection and Response (EDR) Solutions, and Gartner Best Endpoint Protection Platforms (EPP).

Independent testing has proven its effectiveness. In the MITRE ATT&CK simulation, SentinelOne was recognised as having the lowest number of missed detections, achieving the highest number of combined high-quality detections and the highest number of correlated detections.

How SentinelOne works

Pre-execution, SentinelOne’s single, local agent replaces traditional antivirus signatures with a Static AI engine to provide protection. It doesn’t stop there. Even if the threat isn’t recognized, SentinelOne’s Behavioral AI engines track all processes and their interrelationships, regardless of how long they’re active. When an agent detects malicious activities, it responds automatically, at machine speed. The local engine is vector-agnostic: it works with file-based malware, scripts, weaponized documents, lateral movement, fileless malware, and even zero-days.

Post-execution, SentinelOne’s ActiveEDR (the behavioral AI model) provides rich forensic data and can mitigate threats automatically, perform network isolation, and auto-immunize the endpoints against newly discovered threats. As a final safety measure, SentinelOne can even roll back an endpoint to its pre-infected state.
Ignite Systems Pty Ltd
ABN 56 602 383 620
Registered Address:
UG3/288 Albert St, Brunswick VIC 3056