<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

SentinelOne: Security Integrations

sentinelone integrations

SentinelOne is known for its AI-driven endpoint security protection platform (EPP). The lightweight agent integrates with leading security tools and platforms. Their team regularly announces partnerships and development with best-in-breed tools.

 

API-First Approach

SentinelOne was created with an API-first approach, made to interface seamlessly with leading security tools. Their current automation integrations include SonicWall, Fortinet, Splunk, QRadar, LogRhythm, Demisto, Phantom, and even Alexa.

Datashield understands the importance of API integrations. Our SHIELDVision orchestration tool aggregates data and logs across our clients’ environments to help find zero-day exploits. Being able to integrate with SentinelOne enables us to take our service one step further in the cloud.

 

Security information and event management (SIEM)

SIEM tools are one of the most powerful instruments for providing in-depth context around a network’s security. SentinelOne’s EPP integrates with cloud-native solutions like Google Chronicle.


Chronicle Integration

Google’s cloud-based SIEM has been a silent giant in the cloud security realm. Datashield is working with Chronicle to provide data stewardship and compliance support to clients, even in the sub-100 employee count.

Learn more about our Cloud-Native MDR Services here.


SentinelOne also lists Splunk, Sumo Logic, LogRhythm and IBM QRadar as SIEM integrations.

 

Threat Hunting and Orchestration Tools

SentinelOne on its own has a dashboard that aggregates and compiles data streams from across an organization’s network.

Datashield takes SentinelOne to the next level with our cloud-native managed detection and response service. We utilize our proprietary automation and orchestration tool, SHIELDVision, to act as a force multiplier to provide 24/7/365 real-time alerting. It integrates with SIEM, Endpoint, Email and Firewall solutions.

Through our multi-source intelligence feed integrations and in-house threat content team, SHIELDVision allows our ASOC to be nimbler and more efficient than our competitors.

Our technology allows us to threat hunt across multiple client environments for potential vulnerabilities. We are also able to perform forensic analysis and investigations for clients regarding a breach or vulnerability.

 

User Endpoint Clients

Here is a list of user endpoint clients that SentinelOne integrates with:

  • Windows XP, 7, 8, 8.1, 10
  • Mac OSX 10.9.x, 10.10.x, 10.11x, macOS
  • 12x macOS 10.13 (High Sierra)
  • CentOS 6.5, 7.0, 7.2
  • Red Hat Enterprise Linux 6.5, 7.0, 7.2
  • Ubuntu 12.04, 14.04, 16.04, 16.10
  • openSUSE 42.2

 

Server Endpoint Clients

Here is a list of server endpoint clients SentinelOne integrates with:

  • Windows Server 2003, 2008, 2008 R2, 2012,
  • 2012 R2, 2016
  • CentOS 6.5, 7.0, 7.2
  • Red Hat Enterprise Linux 6.5, 7.0, 7.2
  • Ubuntu 12.04, 14.04, 16.04, 16.10
  • SUSE Linux Enterprise Server 12SP1
  • Oracle Linux 6.5 - 6.9, 7.0+
  • Amazon Linux (AMI) 2016.09+, 2017.03+

 

Virtual Environments

Here is a list of virtual environments that SentinelOne integrates with:

  • Citrix XenApp, XenDesktop
  • Microsoft Hyper-V
  • Oracle VirtualBox
  • VMware vSphere
  • VMware Workstation
  • VMware Fusion
  • VMware Horizon

 

The Datashield Difference

SentinelOne’s Singularity platform offers powerful integrations. From deployment to management, Datashield has been able to help our clients utilize SentinelOne’s full potential. Our team of security engineers can assist with advanced tool tuning and deploy custom runbooks to run SentinelOne even more efficiently.

Powerful tools only work as well as the people wielding them. Datashield has a direct partnership with SentinelOne to provide scalable cloud security 24/7/365.

If your organization is considering SentinelOne, make sure you partner with the best in managed security service providers. Datashield has been a part of the industry for over a decade and is still on the forefront of cybersecurity solution architecture and management.

Contact us today.

Topics from this Article

SIEM, Cloud Security, SHIELDVision, Threat Intelligence, Security Information and Event Management, SentinelOne, Cloud SIEM

Cassidy Trowbridge
Cassidy Trowbridge
Cassidy is a marketing specialist at Datashield. She manages Datashield's content and social marketing strategies.

Related Posts

Detecting and Preventing UNC1878

Recently, The FBI, the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency (CISA) released an alert that warned that the healthcare industry was being targeted by hackers.

What is Microsoft Azure Virtual Network?

Azure Virtual Network (VNet) is a platform enabling you to create and maintain private networks in the context of Azure cloud and services. VNet works in a similar fashion a network in a data center works while introducing added advantages such as scale, availability, and isolation. 

What is Microsoft Azure Traffic Manager?

Azure Traffic Manager is a DNS-based load balancer to manage user traffic distribution of service endpoints in different data centers. This tool can service any of the Azure global regions and secure an optimal level of availability and responsiveness for your services.