Mandiant and SentinelOne integrate, enriching XDR with threat intelligence

SentinelOne, an autonomous cybersecurity platform company, has announced an integration with Mandiant to improve threat detection, triage, hunting, and response processes. SentinelOne’s Singularity XDR platform coupled with Mandiant’s threat intelligence and incident response expertise enables organisations to face the increasing threats of today’s cyber landscape with machine speed technology and services.

As threat actors continually deploy new malware strains and attack techniques, it becomes increasingly difficult for even the most experienced IT and security professionals to run cybersecurity programmes. Many organisations are now turning to Extended Detection and Response (XDR) platforms that stream data from multiple security as well as IT tools into a new kind of cybersecurity data platform, where the data is correlated and actioned, providing a more comprehensive view of an organisation’s security posture. The SentinelOne-Mandiant integration enriches Singularity XDR, adding Mandiant’s market-renowned threat intelligence, resulting in a comprehensive solution for detecting, investigating, and responding to incidents, reducing the costs of incident response and improving security postures.

“Our technology delivery of open XDR gives customers the flexibility and choice they deserve when building an XDR strategy – and our business model supports, instead of competes, with our partners,” said Raj Rajamani, Chief Product Officer, SentinelOne. “Harnessing the synergies between Singularity Storyline and Mandiant’s Threat Intelligence delivers even faster triage, root-cause analysis and actionability to every platform alert. With SentinelOne identifying threats and Mandiant providing the context and intel necessary for quick triage and remediation, organisations are equipped to defend themselves against the evolving threat landscape.”

Through the joint solution, suspicious activity and alerts are automatically enriched with threat intelligence from Mandiant, including malicious or benign verdicts, risk scores, threat actor profiles, indicators of compromise (IOCs), and links to deeper intelligence within the Mandiant Threat Advantage platform. Analysts can access at-a-glance context from Mandiant, saving valuable time during incident triage. Key benefits of the SentinelOne-Mandiant integration include:

  • Automated incident triage: SentinelOne incidents are automatically enriched with context and intelligence from Mandiant Threat Intelligence
  • Streamlined threat hunting: Query and pivot on IOCs from emerging threats within SentinelOne Singularity
  • Accelerated detection and response: Autonomously discover and remediate threats with Indicators of Compromise from Mandiant
  • No-code simplicity: Combine best-of-breed solutions with no complex coding or configuration

The integration is currently in early access and will become generally available in Q4 2022 via SentinelOne’s Singularity Marketplace. For more information, visit www.sentinelone.com.

SentinelOne integrates with Proofpoint for enhanced ransomware protection

SentinelOne, an autonomous cybersecurity platform company, has announced a new integration with Proofpoint to orchestrate unified ransomware protection. With SentinelOne Singularity XDR and Proofpoint Targeted Attack Protection (TAP), enterprises enjoy the benefits of threat intelligence and multi-layered detection and response from email to endpoint, cloud, and identity management.

In 2021, 83 percent of organisations experienced at least one successful email-based phishing attack, according to recent Proofpoint research. Furthermore, the threat landscape is dominated by ransomware, an increasingly prevalent risk for organisations of all sizes. Human-powered EDR and legacy antivirus struggle to quickly halt the spread of an attack and are proving to be less effective than they historically were.

“Threats come from everywhere today,” said Chuck Fontana, SVP of Business Development, SentinelOne. “Attackers continue to use phishing techniques, exploiting the weakest link in enterprise cybersecurity – humans. Proofpoint and SentinelOne are in the right alignment to solve this problem, helping cybersecurity teams save valuable time while reducing risk.”

“Regardless of the level of sophistication, modern cyberattacks, including ransomware, tend to share one common trait – they target the inbox,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “Proofpoint’s integration with SentinelOne will help organisations as they look to unify their cybersecurity defence, securing the inbox and preventing threats associated with their users.”

Proofpoint TAP detects, analyses, and blocks advanced threats before they reach employee inboxes, including ransomware and other email threats delivered through malicious attachments and URLs.

SentinelOne unifies prevention, detection, and response in a single platform driven by patented machine learning and intelligent automation. With SentinelOne, organisations can detect malicious behaviour across all vectors and rapidly eliminate threats with autonomous response capabilities across enterprise attack surfaces.

With this integration, Proofpoint TAP offers unique visibility into email-based threats and streams data to the SentinelOne Singularity XDR platform for defence-in-depth protection. Joint capabilities include:

  • Device, inbox, and data visibility
  • Autonomous remediation capabilities including kill, quarantine, and even reversing malicious activity
  • Real-time intelligence sharing for proactive defence across the enterprise
  • Proactive device, user, and inbox isolation
  • Multitenant enterprise management

For more information on SentinelOne visit: www.sentinelone.com

For more information on Proofpoint’s people-centric solutions, visit: www.proofpoint.com.