Syncurity has incorporated SentinelOne autonomous endpoint protection capabilities into its IR-Flow security orchestration, automation and response (SOAR) platform, according to a prepared statement.
The integration allows IR-Flow users to identify and triage suspicious activity and leverage the SentinelOne application programming interface (API) to quarantine and remediate compromised endpoints, Syncurity said. It also assesses risk as information from different IT and security tools and provides IR-Flow users with data that they can use to speed up threat identification and remediation.
What Is IR-Flow?
Organizations can use IR-Flow to identify high-risk security alerts and determine which situations should be escalated to security incidents, Syncurity indicated. They then can use these insights to take the necessary steps to contain and remediate security incidents accordingly.
Furthermore, IR-Flow allows organizations to generate and list reports, list processes, get files and list applications on a host, according to Syncurity. These actions can be automated or performed via ticketing system integrations.
SentinelOne Integrations: Here's What You Need to Know
SentinelOne's technology enjoys a growing list of third-party integrations. The lineup now includes:
- Exabeam: Exabeam last month announced a SentinelOne integration that allows organizations to use its security information and event management (SIEM) platform to automate incident response.
- Seccom Global: Australian MSSP Seccom Global in September integrated the SentinelOne Endpoint Protection Platform (EPP) into its endpoint and network detection and response services and firewall-as-a-service offerings.
- Sumo Logic: Sumo Logic in August integrated SentinelOne EPP into its log management and security analytics product.
- Continuum: The master MSSP leverages SentinelOne in its SOC services for MSPs in the SMB sector.
SentinelOne EPP offers unified endpoint attack prevention, detection and response capabilities, the company said. It also provides visibility into an organization's endpoints, along with threat context and real-time forensics.
What Is SentinelOne?
SentinelOne uses artificial intelligence to help organizations address cyber threats across a variety of attack methods, including:
- Browsers.
- Credentials.
- Documents.
- Executables.
- Fileless.
- Scripts.
SentinelOne also offers a fast-growing partner program for MSSPs, systems integrators (SIs) and other technology resellers. This program enables SentinelOne partners to sell the company's endpoint protection solutions and provides access to sales and marketing tools and resources.
