
SentinelOne Releases Digital Forensics Product


Security teams now can use the SentinelOne Singularity RemoteOps Forensics product to "execute efficient and streamlined investigation and response activities with unprecedented speed and scale," the company announced.

RemoteOps Forensics is integrated with SentinelOne's Singularity Platform and offered as an add-on to SentinelOne's Endpoint and Cloud Workload Security solutions, the company said. It allows security teams to automate and customize the collection of forensic evidence and add context to threat investigations.

What SentinelOne RemoteOps Forensics Offers

RemoteOps Forensics lets security teams automate trigger-based forensic data collection when an incident occurs, SentinelOne stated. These teams can customize forensic workflows for ad-hoc data collection. They also can utilize custom workflows to investigate threats on one or more endpoints.

In addition, RemoteOps Forensics ingests and parses threat data in the SentinelOne Singularity Data Lake alongside endpoint detection and response (EDR) telemetry, SentinelOne noted. That way, security teams can use EDR data in the Singularity Data Lake during their threat investigations.

RemoteOps Forensics also helps security teams uncover hidden indicators of compromise (IOCs), identify attack patterns and understand the tactics and techniques of threat actors, SentinelOne indicated. As a result, security teams can use RemoteOps Forensics to analyze threats and reduce their mean time to respond (MTTR) to incidents.

SentinelOne Adds to Its Portfolio

The RemoteOps Forensics launch comes after SentinelOne in July 2023 announced its Cloud Data Security product line. Organizations can use SentinelOne's Cloud Data Security products to protect against malware across their cloud environments and networks, the business said.

Previously, SentinelOne in April 2023 debuted a generative artificial intelligence-based threat hunting platform at the RSA Conference in San Francisco, California. The platform lets security teams use AI to monitor their data, SentinelOne stated. Furthermore, it allows these teams to ask threat and adversary-hunting questions and get responses to them in seconds.

SentinelOne helps organizations detect, prevent and respond to cyberattacks across their endpoints, cloud workloads, containers, identities and mobile and network-connected devices. The company recorded $149.4 million in total revenue in the second quarter of fiscal year 2024, which represented a 46% year-over-year increase.

It also offers a partner program and the Singularity Marketplace, both of which allow MSSPs and other technology providers to leverage its security technologies.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.