SentinelOne Singularity™

Platform Packages, Modules, and Services

The SentinelOne Singularity Platform empowers SOC & IT Operations

Teams with a more efficient way to protect information assets against Why Choose SentinelOne?
today’s sophisticated threats.
+ With foundation in best-in-breed
SentinelOne Singularity unifies and extends detection and response capability across multi- EPP+EDR, SentinelOne extends
ple security layers including endpoint, cloud, identity, network, and mobile providing security native detection and response
teams with centralized end-to-end enterprise visibility, powerful analytics, and automated capabilties across your attack
response across a large cross-section of the technology stack. surfaces for global visibility and
Sentinel Agents are managed via our globally-available multi-tenant SaaS console designed capability.
for ease of use and flexible management that meets your requirements. Our Vigilance Man- + 95% customer satisfaction
aged Detection & Response (MDR) services subscription is available to back your security
+ 96% of Gartner Peer Insights
organization 24x7.
reviewers recommend SentinelOne
This datasheet describes our tiered product offerings known as Singularity Core, Control,
+ Customizable console with time
and Complete. Each product package builds on the one below it.
saving workflows

+ Ransomware solved through

Add / Replace EDR superior behavioral AI
Singularity to improve visibility,
Complete hunting, and IR + Autonomous protective responses
Security capabilities trigger instantly
Operations
+ Time saving, fatigue-reducing
Storyline™ with platform
technologies designed for incident
responsers and threat hunters
Consolidate to fewer
Singularity endpoint agents + Affordable EDR data retention of
Control 365 days+ for full historical analysis
IT Ops Hygiene
+ Easy XDR integrations to other
vendors

Replace legacy AV
Singularity & NGAV products
Core
Endpoint
Protection

Singularity Endpoint, Cloud,

Platform Identity, and Beyond
Singularity Platform Features & Offerings
All SentinelOne customers have access to these SaaS management console features:

Global SaaS implementation. Up to 3 years of threat incident Configurable notifications by email

Highly available. Choice of locality history and syslog
(US, EU, APAC).
Integrated threat intelligenceand Singularity Marketplace ecosystem of
Flexible administrative authentication MITRE ATT&CK Threat Indicators bite-sized, 1-click apps
and authorization: SSO, MFA, RBAC
Data-driven dashboard security Single API with 340+ functions
Administration customizable to analytics
match your organizational structure

Singularity Core Singularity Complete

Singularity Core is the foundation of all SentinelOne endpoint security Singularity Complete provides best-in-breed EPP & EDR capabil-
offerings to replace legacy AV or NGAV with a more effective and ities in one platform, management console, and agent. Designed
easily managed EPP. Core includes static and behavioral AI engines, for organizations seeking enterprise-grade prevention, detection,
to detect a wide range of attacks. Our autonomous Sentinel agent and response scalable across the enterprise, coupled with custom
applies protection and detection right at the endpoint, with or without automations, Singularity Complete empowers security teams to
a cloud connection. easily identify and secure every user endpoint on their network.
• Patented Storyline™ for fast RCA and easy pivots
• Complete visibility of both benign and malicious data
• Data retention options to suit every need, upgradeable
up to 3 years
Singularity Control
• Hunt by MITRE ATT&CK® Technique
Singularity Control offers industry-leading endpoint security com-
bined with “security suite” features for endpoint management. • Mark benign Storylines as threats for enforcement by
Control includes all Core features plus: the EPP functions

Firewall control to control network connectivity to/from devices, • Custom detections and automated hunting rules with
including location awareness Storyline Active Response (STAR™)

Device control of USB devices and Bluetooth/BLE peripherals • Built-in data collection scripts to enhance visibility and
incident investigation
Vulnerability management and Application Inventory to provide
insight into third party apps with known vulnerabilities, mapped • Timelines, remote shell, file fetch, sandbox integrations,
to the MITRE ATT&CK CVE database and more

Ready for a Demo?

Visit the SentinelOne website for more details,
or give us a call at +1-855-868-3733

sentinelone.com
“ “
Impressive capabilities. Easy to deploy and use EDR. Single platform the SOC can rely on.

Director of Cybersecurity Security & Risk Management

HEATHCARE 1B - 3B USD FINANCE 50M - 250M USD

SentinelOne stops ransomware and

“ other fileless attacks with behavioral
Increased efficiency. We've absolutely seen an ROI. AI and strong automatic remediation
Global InfoSec Director functions.
MANUFACTURING 10B - 25B USD

Vigilance MDR Services Subscription SentinelOne GO Subscription

Vigilance Respond is SentinelOne’s global, 24x7 Managed SentinelOne GO is a 90 day guided onboarding and deploy-
Detection & Response (MDR) service that augments your ment advisory service designed to maximize your success
security team’s capacity and offloads the monitoring, re- with the Singularity™ Platform. Our customer success team
view, and triage of every threat to SentinelOne’s in-house employs a structured methodology to help you get up and
experts, helping you refocus on more strategic initiatives. running quickly, and equips you with best practices to stay
Digital forensics analysis and incident response (DFIR) ca- healthy over time. See a model for success with a 30 day
pabilities are available with Vigilance Respond Pro, making it trial of Vigilance for fully managed, 24x7 monitoring & triage.
the perfect support service for overstretched IT/SOC teams.

More info: More info:

www.sentinelone.com/global-services/services-overview www.sentinelone.com/global-services/sentinelone-go
 Singularity Singularity Singularity
Core Control Complete
Platform Features
Cloud-Native Security + Suite Enterprise
NGAV Features Security

Singularity™ Platform Common Features

Cloud-first multi-tenant SaaS

Fully customizable management experience via multi-site, multi-group architecture

Fully customizable role-based access control and MFA integration

Patented Storyline™ correlation & context

Skylight platform data analytics interface

MITRE ATT&CK® Integration

Data localization Available Available Available

Singularity XDR Features

Native data ingestion from SentinelOne surface agents (endpoint, cloud, identity,
mobile, etc.) – Unmetered and does not decrement the Open XDR ingest quota.
Open XDR data ingestion of 10 GB/day from any external, non-native, non-
SentinelOne source. Upgradable to multi-terabyte/day.
Ingested data retention includes both Open XDR & Native data. 14 days default.
Upgradable to 3 years.

Singularity XDR Marketplace Apps

Open XDR
Storyline Active Response™ (STAR) Custom Detection Rules. 100 default. Upgradable.
data only

Endpoint Surfaces

Endpoint security for Windows Workstation, macOS, and legacy Windows

(XP, 7, 2003SP2+, 2008)

Modern endpoint protection & NGAV utilizing static AI & behavioral AI

Automated or one-click remediation & rollback

Threat triage & investigation: 1 year lookback

Rogue & unsecured device discovery. Requires Ranger Module for remote installation
and other network functions.

Mobile endpoint support: iOS, Android, Chrome OS

EPP Suite Control Features: Device Control, Firewall Control, Remote Shell

Application inventory and application CVEs

Built-in data collection scripts

Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK® Mapping

Native EDR threat hunting via Skylight

Native EDR analytics

 Singularity Singularity Singularity
Core Control Complete
Platform Features
Cloud-Native Security + Suite Enterprise
NGAV Features Security

Cloud Surfaces

Realtime Cloud Workload Security for Linux VMs, Kubernetes clusters and Windows
servers & VMs

Automated or one-click remediation & rollback. Remote shell.

Threat triage & investigation: 1 year lookback

Cloud service provider workload metadata sync

Automated App Control for Kubernetes and Linux VMs

Built-in data collection scripts

Native EDR data ingestion with Storyline™ and MITRE Engenuity ATT&CK® Mapping

Native EDR threat hunting via Skylight

Native EDR analytics

Identity Surface

Singularity Ranger AD Module:

Real-time Active Directory and Azure AD attack surface monitoring and reduction.

Singularity Ranger AD Protect Module:

Real-time Active Directory and Azure AD attack surface monitoring and reduction
further supplemented with AD domain controller-based Identity Threat Detection
and Response.

Singularity Identity Module:

Identity Threat Detection & Response for Active Directory and Azure AD and AD
domain-joined endpoints.

Singularity Hologram Module:

Network-based threat deception that lures in-network and insider threat actors
into engaging and revealing themselves.

Platform Module Options

Singularity Ranger® Attack Surface Management Module:

Asset discovery, fingerprinting, and inventory. Automated agent deployment.
Suspicious device isolation. Pivot to Skylight threat hunting.

RemoteOps Module:
Orchestrated forensics, remote investigation, and rapid response at scale.

Cloud Funnel Data Lake Streaming Module:

Replicate telemetry to any cloud for any purpose.

Binary Vault Module:

Automated malicious and benign file upload for additional forensic analysis.
 Singularity Singularity Singularity
Core Control Complete
Service & Support
Cloud-Native Security + Suite Enterprise
NGAV Features Security

Standard Support 5/9

Enterprise Support 24/7/365

Enterprise Support + Technical Account Manager

SentinelOne Guided Onboarding (“GO”) deployment service

Vigilance Respond Managed Detection & Response (MDR) subscription Limited Limited

Vigilance Respond Pro MDR + Digital Forensics & Incident Response (DFIR)
Limited Limited
subscription

WatchTower Active campaign threat hunting & intelligence reporting

WatchTower Pro Bespoke threat hunting & compromise assessment

Vigilance IR Retainer

Legend: Included Add-on

Support Locations
Mountain View, California US (HQ),
Amsterdam, Bangalore, Boston,
Dubai, Eugene, Fort Lauderdale,
Prague, Tel-Aviv, Tokyo

Global Data Centers

US, Frankfurt, Tokyo,
AWS GovCloud
Highly Available

OS Support Windows Sentinel Agent Windows Legacy Agent

All Windows workstation starting with XP, Server 2003 & 2008, POS2009
SentinelOne supports a wide variety of
7 SP1 through Windows 11
Windows, Mac and Linux distributions Supported Container Platforms
as well as virtualization OSes. Common All Windows Server starting with 2008 Self-managed and Managed Kubernetes
software exceptions are documented in our R2 SP1 through Server/Core 2019 Services (EKS, AKS, GKE), OpenShift
support portal.
Mac Sentinel Agent Virtualization & VDI
macOS Ventura, Monterey, Big Sur Citrix XenApp, Citrix XenDesktop,
Oracle VirtualBox, VMware vSphere,
Linux Sentinel Agent
VMware Workstation, VMware Fusion,
Ubuntu, Redhat (RHEL), CentOS, Oracle,
VMware Horizon, Microsoft Hyper-V
Amazon AMI, SUSE Linux Enterprise
Server, Fedora, Debian, Virtuozzo, Scientific
Linux, RockyLinux, AlmaLinux

About SentinelOne sentinelone.com

SentinelOne is the world's most advanced cybersecurity platform. The SentinelOne Singularity™ Platform detects, prevents, and responds sales@sentinelone.com
to cyber-attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and + 1 855 868 3733
network-connected devices with intelligence, speed, accuracy, and simplicity. Over 11,500 customers—including Fortune 10, Fortune 500,
and Global 2000 companies, as well as prominent governments—all trust SentinelOne to Secure Tomorrow.

© SentinelOne 2024 S1-DS-SENTINELONE_SINGULARITY-03062024