SentinelOne and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.
SentinelOne Singularity is an advanced Endpoint protection platform and threat hunting solution that delivers real-time visibility with contextualized, correlated insights accelerating triaging and root cause analysis. It enables proactive hunting capabilities to uncover stealthy, sophisticated threats in your environment.
Storyline provides analysts with real-time, actionable correlation and context and lets security analysts understand the root cause. It automatically links all related events and activities in a storyline with a unique identifier to allow security teams to see the full context.
SentinelOne’s behavioral engine tracks all activities on the system, including file/registry changes, service start/stop, inter-process communication, and network activity. It detects techniques and tactics that are indicators of malicious behavior to monitor stealthy behavior and identify advanced threats. It automatically correlates related activity into unified alerts that provide insight.
SentinelOne maps attacks in real-time to the MITRE ATT&CK framework to gather immediate indicators and attack technique context.
The platform enables analysts to take the required actions to respond and remediate the threat with a single click by enabling your analyst to execute a full suite of remediation actions.
Rollback functionality automatically restores deleted or corrupted files caused by ransomware activity to their pre-infected state. It simplifies response and reduces mean time to resolution. It also offers full Remote Shell capabilities on all platforms to give your security team a quick way to investigate attacks, collect forensic data, and remediate breaches.
SentinelOne lets customers leverage the insights Storyline delivers and create custom automated detection rules specific to their environment with Storyline Active-Response (STAR). STAR enables you to incorporate business context and customize the EDR solution to your needs.
You can turn Deep Visibility queries into automated hunting rules that trigger alerts and responses when rules detect matches with custom detection rules.
SentinelOne Hunter, a Chrome Extension, helps your analysts by allowing them to scrape data from your browser and opens a query in your SentinelOne Management Console to search for that data across your systems (IP addresses, DNS names, and hashes (MD5, SHA-1, and SHA-256) and redirected to your Management Console).
Binary Vault lets you automatically upload benign and malicious executables to the SentinelOne Cloud, stored for 30 days.