SentinelOne Unveils Storyline Active Response To Transform XDR
August 04, 2021 at 12:15 pm
SentinelOne unveiled SentinelOne Storyline Active Response (STAR)™, its cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne’s ActiveEDR®, STAR empowers security teams to create custom detection and response rules and deploy them in real time to the entire network or a desired subset, to proactively detect and respond to threats. STAR also enables security teams to turn these queries into hunting rules that trigger alerts and automated responses when rules detect matches. STAR replaces the need for manual, one-off, and labor-intensive legacy EDR activities with automated, customized responses - empowering SOC teams to stay a step ahead of the rapidly evolving threat landscape. Unlike legacy EDR watchlists, STAR can protect against new threats without software updates, write customized MITRE-compatible detection logic, and add rules for industry-specific threats at machine speed.
The SentinelOne Singularity XDR platform is built on the foundation of Storyline technology. Storyline leverages patented behavioral AI to monitor, track, and contextualize all event data across endpoints, cloud workloads, and IoT devices. The output is a dynamic model which scores risk and connects disparate event data automatically into an understandable story at machine speed. Storyline Active Response adds capability to the output of the Storyline technology to customize detection and automate responses.
Nation-states and cybercrime groups are continually automating their tactics, techniques, and procedures (TTPs) to avoid being detected within networks. EDR products are producing data at the scale of billions of events per day, creating an analysis and response challenge beyond the limits of human capacity. SentinelOne STAR alleviates this burden, leveraging technology to automatically respond to threats.
SentinelOne, Inc. is an artificial intelligence (AI)-powered cybersecurity provider. The Company’s Singularity Platform detects, prevents, and responds to cyberattacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices. The Company’s Singularity platform ingests, correlates, and queries petabytes of structured and unstructured data from a myriad of ever-expanding disparate external and internal sources in real time. Its distributed AI models run both locally on every endpoint and every cloud workload, as well as on its cloud platform. The Company’s offering also includes PingSafe, a cloud native application protection platform (CNAPP) to bolster its cloud security product suite. By adding PingSafe’s CNAPP to its Cloud Workload Security (CWS), it provides enterprises with comprehensive cloud security coverage that drives security, improved posture, and autonomous protection.