
SentinelOne Singularity
SentinelOne Singularity is an Extended Detection and Response (XDR) and Endpoint Detection and Response (EDR) offering. In Cisco XDR, Singularity users can use it for threat hunting and investigation, as well as for rapid response actions to understand and defend against threats on the endpoint. It also provides important device inventory context to help triage detected threats.
Use the SentinelOne integration to search for security detections involving specific hostnames, host GUIDs, filenames, paths, hashes, process names, and process arguments. SentinelOne can also be used through Cisco XDR to isolate hosts from the network and block file hashes on the endpoint. This integration can also be used to provide host information, including vulnerability information, for use in triaging incidents and detections.
Note: This integration requires the XDR Advantage or XDR Premier licensing tier.
These are workflows that you can install in Cisco XDR automation and use with this integration. These are different from built-in workflows, which are built into Cisco XDR by default for all customers.
These workflows are built into Cisco XDR automation and can be used with this integration. These are different from installable workflows, which are optional workflows you can install from Cisco and its partners.
These actions can be used in Cisco XDR automation to build workflows for this product. Workflows can help you automate how you investigate, respond to incidents, and more.









