SentinelOne's Singularity portfolio is a subscription-based, cloud-centric cyberthreat management stack that features machine learning algorithms and advanced services to deliver comprehensive endpoint detection and response. SentinelOne's small-footprint software agents can be installed in minutes to defend endpoints against increasingly sophisticated assaults such as ransomware, known and new malware, trojan viruses, hacking tools, RAM exploits, malicious scripts, harmful macros, and living-off-the-land attacks. SentinelOne agents are available for Microsoft Windows, macOS, Linux distributions, and Kubernetes powered endpoints. Compatible form factors include physical, virtual, VDI, customer and hybrid data centers, and cloud providers. Because SentinelOne agents are autonomous, they can deliver advanced behavior-based protection in real time even if endpoints are not cloud connected.
Progent is a SentinelOne Partner and reseller and manages thousands of endpoints protected by SentinelOne Singularity technology. SentinelOne Singularity is invariably the first EDR response software activated by Progent to provide control and visibility of a customer's system at the outset of a ransomware emergency. SentinelOne is also the root EDR software powering Progent's Active Security Monitoring services. SentinelOne has been ranked as a top visionary in Gartner's 2022 Magic Quadrant for Endpoint Protection Platforms and attained the highest number of analytic detections in real-time with zero delays during the gold-standard MITRE ATT&CK Phase 4 Evaluation. Gartner concludes, "This reaffirms its (SentinelOne's) ability to detect all attacks and provide full details of the techniques and tactics used." SentinelOne also surpassed all competition for each use scenario in Gartner's evaluation of Critical Capabilities for Endpoint Protection Platforms.
Singularity Packages for SentinelOne Endpoint Detection and Response
SentinelOne's Singularity product line has three tiers of endpoint protection packages delivered as a global SaaS solution that provides high availability, centralized policy management, AI powered threat intelligence, rapid restoration, and a data-driven dashboard for cyberthreat analytics. Packages consist of Core for entry-level security, Control for advanced management, and Complete for smart root cause analysis. The tiers are incremental: Control and Complete each have all the features and options of the tier beneath them. Pricing begins at $5 for each endpoint per month for small customers with significant discounts for larger accounts. There is no minimum device count.
SentinelOne Singularity Core offers basic anti-virus and next-gen anti-virus capability and features entry-level Endpoint Detection and Response. Standard capabilities of Singularity Core include:
SentinelOne's Singularity Control includes all the standard features and supports all the options of the Core bundle and adds features for improving device management such as secure remote shell, firewall control with location awareness (Win, Mac, Linux), device control for USB and Bluetooth/Bluetooth Low Energy peripherals (Win, Mac), and app vulnerability.
Options for the SentinelOne Singularity Control package include isolation of suspicious and malicious devices via the Singularity RANGER package plus automated app management for containers via SentinelOne's Singularity Cloud bundle.
Singularity Complete comes with all the standard features and works with all the options of the Control bundle and adds single-agent enterprise-grade prevention, detection, reaction and hunting across endpoints, cloud, and Internet of Things. This high-end package saves significant work for security administrators, Security Operations Center analysts, threat hunters, and incident responders by automatically correlating telemetry and using it with the MITRE ATT&CK database to expose root causes. Complete offers an advanced EDR feature set that includes:
Vigilance Respond MDR Services
Vigilance Respond and Vigilance Respond Pro are optional Managed Detection and Response programs for subscribers to SentinelOne's Singularity Complete package. These subscriptions include full 24x7 incident response provided by Tier-1, Tier-2, and Tier-3 IT security experts. Vigilance Respond subscriptions include confirmation of cyberthreats, event prioritization, false positive handling and dashboard cleanup, threat containment, thorough reporting, SLAs, and escalation to the client's security organization. Pricing averages about $17 for each endpoint monthly and there is no minimum device count.
Vigilance Respond Pro adds a 2x faster SLA, assigned incident response case managers, root cause analysis, intel-driven hunting, digital forensics with malware reversing, expert containment and eradication, security assessment including security architecture, plus post-mortem consultation. In the majority of cases, Vigilance Respond Pro resolves threats in minutes and only gets in touch with customers for urgent issues. Because these services usually do not require action from the Vigilance Respond client, customers are able to focus on high-value projects instead of day-to-day cybersecurity issues.
Vigilance MDR consultants classify detected threat alerts according to a threat-handling hierarchy ranging from Benign False Positive to Urgent True Positive. This ranking dictates how the analyst manages the detected threat. There are five categories of threats and consequent responses. The majority of alerts require no response by the client.
Benign Alert - False Positive
Vigilance takes care of the issue and annotates the SentinelOne console. For isolated False Positive alerts, no other responses or notifications are needed. For repeated False Positive alerts, Vigilance will escalate the issue to the client to submit or approve an appropriate exclusion or agent update as required.
Malicious Alert - True Positive Non-Urgent, Potentially Unwanted Program
Vigilance responds to make sure the threat is blocklisted, resolved, and documented. Typically, no alert will be transmitted to the customer unless the threat calls for follow up activity.
Malicious Alert - True Positive / No Action Necessary
Vigilance takes proper actions including remediation to make sure the threat is isolated. Once the SentinelOne analyst verifies the threat is eliminated, the analyst will transmit a verification notice to the customer.
Malicious Alert - True Positive Non-Urgent / Action Necessary
Vigilance performs appropriate actions including remediation to ensure the threat is isolated. After the analyst confirms the threat is eliminated, the analyst will transmit a verification notice to the customer. Subsequent procedures such as re-imaging may be necessary in certain cases.
Malicious Alert - True Positive Urgent / Action Needed
Vigilance may react aggressively in high priority breach incidents including taking agent remediation actions and isolating compromised network endpoints to isolate the attack and block additional lateral progress. The analyst will transmit an urgent alert apprising the customer of the situation and ask for immediate response.
Download Progent's Singularity Control and Complete Comparison Datasheet
To see a one-page datasheet in PDF format describing SentinelOne's Singularity Control and Singularity Complete EDR products, click:
Progent's Singularity Control and Singularity Complete EDR Datasheet. (PDF - 340 KB)
The Progent Advantage
Progent's team of more than 150 consultants includes experts in every aspect of information technology associated with small and mid-size businesses. With this breadth of knowledge, Progent can be your one-stop source for integrating a cohesive cybersecurity environment that delivers significant business value. In addition to the endpoint security available from SentinelOne products, Progent offers a variety of managed services and specially-priced support packages designed to help SMBs to design, deploy, test, and manage networks that feature enterprise-class cybersecurity and low total cost of ownership.
Progent has expertise in all the endpoint devices, servers and VMs that can be protected by SentinelOne technologies and services. Progent can provide services that include Windows 11 migration expertise, Windows 10 integration, Linux support, Mac OS X and macOS support, iPhone and iPad support, Android integration, Windows Server 2022 migration expertise, Windows Server 2019 integration expertise, Hyper-V virtualization consulting, and VMware vSphere configuration consulting.
For single-click or manual rollback capability, Progent's Windows Server experts can assist you to configure Windows Volume Shadow Copy Service (VSS). Progent can also provide remote and onsite access to certified Cisco CCIE experts to help you to plan, defend or troubleshoot your network infrastructure. If your network incorporates cloud resources, Progent offers the support of Microsoft Azure experts, Amazon AWS consultants, and Google Cloud integration consultants.
Contact Progent about SentinelOne Sales and Integration Services
To find out more about how Progent can assist you to buy or configure SentinelOne endpoint security products, call