Integrated security in a single pane of glass: SIEM and Endpoint Protection
Combining SIEM and endpoint protection into a single pane of glass improves threat detection by correlating data from multiple sources, leading to faster and more accurate identification of security incidents.
Having all security data from the various parts of your environment (particularly devices) flow into our SOC enhances our ability to monitor that environment.
We recommend that all our SIEM clients also adopt endpoint protection with us.
Endpoint model for schools
Our school clients often adopt a hybrid model, using SentinelOne Complete on high-value assets such as servers and privileged workstations, and SentinelOne Core or other lower-cost solutions on non-essential devices.
We offer special pricing for schools. Please contact us for pricing information.
Singularity Platform Features & Offerings
All customers have access to these SaaS management console features:
- Global SaaS implementation. Highly available. Choice of locality
- Flexible administrative authentication and authorisation: SSO, MFA, RBAC
- Administration customisable to match your organisational structure
- 365 days threat incident history
- Single API with 340+ functions
- Integrated SentinelOne Threat Intelligence and MITRE ATT&CK Threat Indicators
- Data-driven dashboard security analytics
- Configurable notifications by email and syslog
- Singularity Marketplace ecosystem of bite-sized, 1-click apps
Singularity Complete is for organisations that need modern endpoint protection and control plus advanced EDR features. Complete also has patented Storyline™ tech that automatically contextualises all OS process relationships [even across reboots] every second of every day and stores them for your future investigations. Storyline™ saves analysts from tedious event correlation tasks and gets them to the root cause fast. It is designed to lighten the load on security administrators, SOC analysts, threat hunters, and incident responders by automatically correlating telemetry and mapping it into the MITRE ATT&CK® framework. Singularity Complete includes the following features:
- Patented Storyline™ for fast RCA and easy pivots, and for enforcement by the EPP functions and custom detections and automated hunting rules.
- Integrated ActiveEDR® visibility to both benign and malicious data.
- Data retention options to suit every need, from 14 to 365+ days.
- Hunt by MITRE ATT&CK® Technique.
- Timelines, remote shell, file fetch, sandbox integrations, and more.
- Firewall Control for control of network connectivity to and from devices including location awareness.
- Device Control for control of USB devices and Bluetooth/BLE peripherals.
- Rogue visibility to uncover devices on the network that need Sentinel agent protection.
- Vulnerability Management, in addition to Application Inventory, for insight into 3rd party apps that have known vulnerabilities mapped to the MITRE CVE database.
Deployment, 24/7 monitoring, incident management and response by the Secure-ISS Security Operations Centre is available as part of our Managed XDR Service offering.