SentinelOne Announces Automated Threat Hunting, Detection Engine
SentinelOne has incorporated the Storyline Active Response (STAR) cloud-based automated threat hunting, detection and response engine into its ActiveEDR solution. STAR can protect against cyber threats without software updates, write custom MITRE-compatible detection logic and add rules for industry-specific threats at machine speed, according to a prepared statement.
Security teams can leverage STAR to create custom detection and response rules and deploy them in real time across networks, SentinelOne noted. They can also use the engine to establish threat hunting rules that trigger alerts and automated responses when matches are detected.
How Does STAR Work?
Storyline technology uses behavioral artificial intelligence (AI) to monitor, track and contextualize event data across endpoints, cloud workloads and Internet of Things (IoT) devices, SentinelOne noted. It provides a model that scores risk, connects event data and produces a story relating to the event data.
STAR adds threat detection and response capabilities to Storyline, SentinelOne said. In doing so, STAR lets security teams customize threat detection and automate responses.
Recent SentinelOne Partnerships: ConnectWise, High Wire Networks
Meanwhile, SentinelOne has been busy on the partner front.
For instance, High Wire Networks in July 2021 partnered with SentinelOne to launch a Managed Endpoint Detection and Response (EDR) service. Available via the Overwatch Managed Security Services Marketplace, Managed EDR combines SentinelOne’s endpoint protection platform (EPP) and AI-based EDR solution with the Overwatch security operations center (SOC) to provide endpoint protection-as-a-service (EPaaS).
In addition, SentinelOne in July 2021 incorporated SentinelOne Control and SentinelOne Complete as standalone products into the ConnectWise security product suite. Also, SentinelOne and ConnectWise indicated they are working together to develop integrations for MSPs and technology solution providers (TSPs).
SentinelOne provides the Singularity XDR platform to help organizations identify and mitigate threats in real time. The company leverages its MSSP and MSP relationships and channel partners to drive more than 90 percent of its revenue.