Mandiant and SentinelOne Integrate, Enriching XDR with Threat Intelligence

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced an integration with Mandiant to improve threat detection, triage, hunting, and response processes. SentinelOne’s Singularity XDR platform coupled with Mandiant’s threat intelligence and incident response expertise enables organizations to face the increasing threats of today’s cyber landscape with machine speed technology and services.

As threat actors continually deploy new malware strains and attack techniques, it becomes increasingly difficult for even the most experienced IT and security professionals to run cybersecurity programs. Many organizations are now turning to Extended Detection and Response (XDR) platforms that stream data from multiple security as well as IT tools into a new kind of cybersecurity data platform, where the data is correlated and actioned, providing a more comprehensive view of an organization's security posture. The SentinelOne-Mandiant integration enriches Singularity XDR, adding Mandiant’s market-renowned threat intelligence, resulting in a comprehensive solution for detecting, investigating, and responding to incidents, reducing the costs of incident response and improving security postures.

“Our technology delivery of open XDR gives customers the flexibility and choice they deserve when building an XDR strategy - and our business model supports, instead of competes, with our partners,” said Raj Rajamani, Chief Product Officer, SentinelOne. “Harnessing the synergies between Singularity Storyline and Mandiant's Threat Intelligence delivers even faster triage, root-cause analysis and actionability to every platform alert. With SentinelOne identifying threats and Mandiant providing the context and intel necessary for quick triage and remediation, organizations are equipped to defend themselves against the evolving threat landscape.”

Through the joint solution, suspicious activity and alerts are automatically enriched with threat intelligence from Mandiant, including malicious or benign verdicts, risk scores, threat actor profiles, indicators (IOCs), and links to deeper intelligence within the Mandiant Threat Advantage platform. Analysts can access at-a-glance context from Mandiant saving valuable time during incident triage. Key benefits of the SentinelOne-Mandiant integration include:

• Automated Incident Triage: SentinelOne incidents are automatically enriched with context and intelligence from Mandiant Threat Intelligence
• Streamlined Threat Hunting: Query and pivot on IOCs from emerging threats within SentinelOne Singularity
• Accelerated Detection and Response: Autonomously discover and remediate threats with Indicators of Compromise from Mandiant
• No-Code Simplicity: Combine best-of-breed solutions with no complex coding or configuration

The integration is currently in early access and will become generally available in Q4 2022 via SentinelOne’s Singularity Marketplace. For more information, visit www.sentinelone.com.

About SentinelOne

SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.