New Capabilities Enable Untethered View into All Endpoint Activities and Network Traffic – Encrypted and Clear Text.

SentinelOne, a pioneer in delivering autonomous AI-powered security for the endpoint, datacenter and cloud, today launched its new Deep Visibility module for the SentinelOne Endpoint Protection Platform (EPP), making it the first endpoint protection solution to provide unparalleled search capabilities for all indicators of compromise (IOCs) regardless of encryption and without the need for additional agents.

“We are bringing visibility to every edge of the network – from the endpoint to the cloud,” said Tomer Weingarten, CEO of SentinelOne. “Deep Visibility enables search capabilities and visibility into all traffic since we see it at the source and monitor it from the core. We know that more than half of all traffic is encrypted – including malicious traffic – which makes a direct line of sight into all traffic an imperative ingredient in enterprise defence.”

Deep Visibility extends the company’s current endpoint suite abilities to provide full visibility into endpoint data, leveraging its patented kernel-based monitoring, for complete, autonomous, and in-depth search capabilities across all endpoints – even those that go offline – for all IOCs in both real-time and historical retrospective search. SentinelOne EPP with Deep Visibility enables customers to fully automate their detection to response workflow while also gaining unprecedented insight into their environment.

Deep Visibility also empowers customers to gain insights into file integrity and data integrity by monitoring file characteristics and recording data exports to external storage.

Deep Visibility monitors traffic at the end of the tunnel, which allows an unprecedented tap into all traffic without the need to decrypt or interfere with the data transport. This, in turn, provides a rich environment for threat hunting, that includes powerful filters, the ability to take containment actions, as well as fully automated detection and response.

Since Deep Visibility does not require an additional agent and is a holistic part of the SentinelOne EPP platform, it is fully integrated into the investigation, mitigation and response capability sets, including process forensics, file and machine quarantine, and fully automated, dynamic remediation and rollback capabilities.

Additionally, Deep Visibility does not require any changes to network topology and does not require any certificates for installation. Visibility into encrypted traffic further enriches forensics insights and empowers security analysts with more holistic investigation capabilities without impacting the end-user experience.

“Deep Visibility is a breakthrough that will redefine how we think about perimeters,” said Weingarten. “Gaining visibility into the data pathways marks the first milestone for a real, software-defined edge network that can span through physical perimeters, to hybrid datacenters and cloud services. This is the beginning of the network of the future.”

In addition to Deep Visibility, SentinelOne EPP will also offer several new capabilities that further enrich visibility into customer environments and threats. Key capabilities include:

  • Support for new platforms Amazon Linux AMI and Oracle Linux to expand visibility into critical server environments
  • Full disk scan support to discover latent threats
  • Richer forensics insights to help identify the source of threats and build attack storylines

Current SentinelOne customers can upgrade to a new agent with access to Deep Visibility by working with their customer success managers. Prospective customers can learn more about SentinelOne EPP and the new Deep Visibility capabilities here.


View the original article by SentinelOne.

Predictive, Pre-Deployment, Post Installation and Health Check Wireless Surveys carried out by certified wireless engineers.

We look at Wi-Fi fundamentals, explore the benefits of and technology behind Wi-Fi 6, Wi-Fi 6E and what the future holds for Wi-Fi 7

Net-Ctrl provide network and structured cabling solutions as either a stand-alone installation, or to compliment products and solutions that we offer.

Connect-the-Classroom scheme  is allowing schools to upgrade their infrastructure to a solution that should last 10 years

Net-Ctrl provides two excellent support packages in addition to any equipment purchased. Find out about our Silver or Gold support package

IP-CCTV site survey to assess camera locations and requirement and existing Mobotix solution health checks.

Net-Ctrl offers our Cloud WLAN. Delivering market-leading patented technology managed by the Net-Ctrl engineering team.

We provide an automated Cybersecurity awareness training solution covering both simulated phishing and training courses.

Net-Ctrl offers a range of wireless network solutions. We explore some common questions related to these solutions.

Offering end-to-end, affordable and competitive financing solutions to help you achieve your business goals.