Product Integrations
Cisco Firepower: Improve threat detection and network monitoring with data. Cisco Firepower threat intelligence is ingested into SentinelOne Singularity Data Lake and normalized into OCSF for use with other security data. This integration enables the data to be combined with other sources of threat information, providing analysts with a deeper and fuller picture of potential security threats within their network.
Cisco Malware Analytics: By integrating SentinelOne with Cisco Secure Malware Analytics, security analysts gain the ability to submit malicious files associated with SentinelOne alerts for advanced analysis. This seamless integration empowers analysts with in-depth insights and enriched threat intelligence, enabling more effective and informed decisions.
Cisco XDR: SentinelOne Singularity is an Extended Detection and Response (XDR) and Endpoint Detection and Response (EDR) offering. In Cisco XDR, we enable Singularity users to use it for threat hunting and investigation, as well as for rapid response actions to understand and defend against threats on the endpoint. It also provides important device inventory context to help triage detected threats.
Cisco XDR Investigate: Use the SentinelOne integration to search for security detections involving specific hostnames, host GUIDs, filenames, paths, hashes, process names, and process arguments.
Cisco XDR Automate: SentinelOne can also be used through Cisco XDR to isolate hosts from the network and block file hashes on the endpoint.
- SentinelOne - Connect Agent to Network
- SentinelOne - Disconnect Agent from Network
- SentinelOne - Add Hash to Blocklist
- SentinelOne - Remove Hash from Blocklist
- SentinelOne - Get Vulnerability Summary for Assets
Cisco XDR Assets: This integration can also be used to provide host information, including vulnerability information, for use in triaging incidents and detections.