SentinelOne-ServiceNow Integration: Automated Security Incident Response for MSSPs?
The worlds of IT service management (ITSM) and endpoint security continue to converge. The latest example involves a SentinelOne integration with ServiceNow Security Incident Response (SIR) — which enables security and IT teams to automate incident response, the two companies said.
On paper, the integration and software relationship make considerable sense. SentinelOne has growing momentum with MSSPs and security-minded MSPs. And ServiceNow has expanded it’s momentum from enterprise service desks out to mid-market MSPs. Converge those trends, and the SentinelOne-ServiceNow capabilities may allow MSPs and MSSPs to coordinate incident response across customers’ endpoint and cloud environments.
Within ServiceNow, a user can view relevant incident details surrounding a threat. If a user determines a corrective action is needed, ServiceNow can trigger automated response actions in SentinelOne to kill, quarantine, remediate or roll back potential effects from the threat.
The SentinelOne App for ServiceNow Security Incident Response app is available via the SentinelOne Singularity Marketplace and ServiceNow Store.
Meanwhile, SentinelOne remains in the market for potential acquisition and investment opportunities. One proposed deal, allegedly acquire Orca Security, fell apart in December 2021. However, SentinelOne in that same month invested in invested in Torq, a no-code security automation software company.
SentinelOne Channel Partner & MSSP Engagements
On the partner front, SentinelOne reported its annual recurring revenues from MSSP-oriented channel partners increased more than 300 percent in Q3 of fiscal 2022 compared to Q3 of fiscal 2021. SentinelOne looks poised to expand its channel partnerships as well.
SentinelOne provides an eXtended detection and response (XDR) platform that uses artificial intelligence and machine learning to help organizations identify and mitigate cyber threats. The company also offers a partner program that lets MSSPs, MSPs and other technology providers integrate its security offerings into their portfolios.