SentinelOne's Singularity portfolio is a subscription-based, cloud-centric cyberthreat defense platform that combines machine learning algorithms and expert services to provide enterprise-class endpoint detection and response (Singularity EDR) and extended detection and response (Singularity XDR). SentinelOne's small-footprint software agents can be installed in a few minutes to defend endpoints against increasingly sophisticated attacks including ransomware, known and zero-day malware, trojans, hacking tools, memory exploits, malicious scripts, destructive macros, and living-off-the-land (LotL) attacks. Singularity software agents are offered for Windows, macOS, Linux, and Kubernetes endpoints. Supported environments include physical and virtual machines, VDI desktops, hybrid data centers, and cloud providers. Because SentinelOne software agents are autonomous, they can provide behavior-based security in real time even when endpoints are disconnected from the cloud.
Progent is a certified SentinelOne Partner and reseller and manages thousands of endpoints protected by SentinelOne technology. SentinelOne is always the first incident response tool deployed by Progent to gain control and visibility of a client's network in the first stages of a ransomware recovery emergency. SentinelOne Singularity is also the underlying EDR software behind Progent's Active Security Monitoring (ASM) managed services. SentinelOne was ranked as a top visionary in Gartner's 2022 Magic Quadrant for Endpoint Protection Platforms and attained the most analytic detections in real time with zero delays during the 2022 MITRE ATT&CK Phase 4 Evaluation. According to Gartner's assessment, "This reaffirms its (SentinelOne's) ability to detect all attacks and provide full details of the techniques and tactics used." SentinelOne also surpassed all competition for each use case in Gartner's assessment of Critical Capabilities for Endpoint Protection Platforms (EPPs).
Singularity Bundles for SentinelOne Endpoint Detection and Response
SentinelOne's Singularity product line offers several tiers of endpoint protection product bundles provided as a global SaaS platform that delivers high availability, centralized policy management by site and group, AI-powered malware intelligence, rapid recovery, and an information-driven dashboard for security analytics. Packages include Control for advanced management, Complete for automated root cause analysis, and Complete with Vigilance MDR for 24/7 advanced monitoring and response. The product tiers are additive: Control and Complete each include all the features of the tier beneath them. Pricing starts at $10 per endpoint per month for small customers with substantial discounts for bigger deployments. Progent has no minimum device requirement.
Add-ons available for the SentinelOne Singularity Core bundle include live global asset inventory and advanced network device mapping via SentinelOne's RANGER bundle, and closure of agent deployment gaps with p2p job automation.
Singularity Complete includes all the standard capabilities and works with all the options of the Control package and adds single-agent prevention, detection, response and hunting across endpoints, cloud, and IoT. The package saves significant time for cybersecurity administrators, Security Operations Center analysts, cyberthreat hunters, and attack responders by correlating events and mapping them to the MITRE ATT&CK database to expose root causes. Complete offers an advanced EDR feature set that includes:
- Storyline technology with automatic correlation and contextualization of alerts for fast root cause analysis (RCA)
- SentinelOne's Storyline Active Response (STAR) to counter emerging zero-day cyberthreats with customized, automated rules for detection and hunting
- Built-in ActiveEDR visibility into both benign and malicious data
- Storyline hunt and pivot by MITRE ATT&CK technique
- EDR Hunting Data storage options from 14 days (standard) to 365 days (special option)
- File integrity checking
- Timelines, file fetch, sandboxing for additional dynamic analysis
Vigilance Respond MDR Services
Vigilance Respond and Vigilance Respond Pro are add-on Managed Detection and Response programs for subscribers to SentinelOne's Singularity Complete bundle. These bundles include full 24x7 incident response provided by Tier-1, Tier-2, and Tier-3 IT security professionals. Vigilance Respond services include validation of threats, event prioritization and triage, false positive handling and console cleanup, proactive threat deactivation, thorough reporting, service level agreements, and escalation back to the customer's security organization. Subscription pricing averages about $17 for each endpoint per month and there is no minimum device count.
Vigilance MDR consultants classify detected threat alerts according to a hierarchy ranging from Benign False Positive to Urgent True Positive. This classification dictates how the Vigilance analyst manages the detected threat. There are five classes of threats and consequent responses. The majority of alerts do not require action by the customer.
Benign Alert - False Positive
Vigilance resolves the issue and updates the SentinelOne console. For single False Positive alerts, no other responses or notifications are required. For repeated False Positive alerts, Vigilance will escalate the issue to the client to submit or approve an appropriate exclusion or agent update as required.
Malicious Alert - True Positive Non-Urgent / Potentially Unwanted Program
Vigilance responds to ensure the threat is blacklisted, resolved, and documented. Typically, no alert will be transmitted to the customer unless the issue requires follow up work.
Malicious Alert - True Positive / No Action Needed
Vigilance performs appropriate actions including remediation to make sure the threat is isolated. After the analyst confirms the threat is deleted, the analyst will send a confirmation alert to the customer.
Malicious Alert - True Positive Non-Urgent / Action Needed
Vigilance performs proper actions including remediation to make sure the threat is isolated. After the SentinelOne analyst verifies the threat is deleted, the analyst will transmit a verification alert to the customer. Follow-up procedures such as re-imaging may be necessary in certain cases.
Malicious Alert - True Positive Urgent / Action Necessary
Vigilance may respond aggressively in high-priority breach incidents, including pursuing agent remediation actions and isolating affected network devices to stall the attack and prevent additional lateral movement and spread. The analyst will send an urgent alert apprising the customer of the issue and requesting an immediate response.
Download Progent's SentinelOne Singularity EDR Datasheet
To see a single-page datasheet in PDF format describing Progent's support for SentinelOne's Singularity EDR products, click:
SentinelOne Singularity EDR Packages. (PDF - 340 KB)
The Progent Advantage
Progent's team of over 150 consultants includes certified experts in every aspect of information technology associated with small and mid-size businesses. With this breadth of expertise, Progent can be your single point of contact for integrating a cohesive cybersecurity environment that delivers significant business value. In addition to the endpoint protection provided by SentinelOne products, Progent offers a variety of managed services and specially-priced IT support packages created to help small and mid-size businesses to plan, implement, test, and manage networks that feature enterprise-class cybersecurity and low TCO.
Progent offers in-depth experience with all the endpoint devices, servers and VMs that can be secured by SentinelOne products. Progent offers services that include Windows 11 planning and migration consulting, Windows 10 management, Linux integration, Mac OS X and macOS consulting, iPhone and iPad consulting, Android consulting, Windows Server 2022 migration consulting, Windows Server 2019 integration expertise, Hyper-V virtualization consulting, and VMware vSphere configuration consulting.
For fast rollback capability, Progent's Windows Server consultants can assist you to set up Windows Volume Shadow Copy Service (VSS). Progent can also provide remote and on premises access to certified Cisco CCIE experts to assist you to design, protect or troubleshoot your infrastructure. If your network incorporates cloud resources, Progent offers the support of Microsoft Azure experts, Amazon AWS consultants, and Google Cloud integration consultants.
Contact Progent about SentinelOne Sales and Integration Services
To learn more about how Progent can help you to purchase or configure SentinelOne endpoint security products, call 1-800-993-9400 or see Contact Progent.