SentinelOne is a venture-backed cybersecurity located in Palo Alto, California that develops next-generation endpoint protection software. SentinelOne unifies prevention, detection, and response in a single platform, enabling organizations to protect their user endpoint devices and critical servers against advanced malware, exploits and other types of sophisticated threats.
SentinelOne was founded in 2013 by cybersecurity veterans from Intel, McAfee, Checkpoint, IBM and the Israel Defense Forces and is financed with venture funding. The company has raised $14.5M in two rounds of venture funding that occurred in 2013 and 2014. The rounds raised $2.5M and $12M from venture capital firms including Accel Partners, Data Collective, Granite Hill Capital Partners, Tiger Global Management, UpWest Labs, and the Westly Group. In October 2015, SentinelOne raised an additional $25M in a series B funding round, bringing the company's total funding to close to $40M.
The company claims to have a number of customer wins with a malware detection rate of over 90% for zero-day threats.
SentinelOne was named one of “The 10 Coolest Security Startups Of 2014” by CRN.
The company’s endpoint protection technology has been spurred by a number of industry trends including more sophisticated malware threats targeting endpoint devices and the inadequacy of static, signature-based anti-malware approaches to protecting endpoint devices.
SentinelOne was recently recognized as a 'Visionary' by Gartner on the 2016 Gartner Magic Quadrant for Endpoint Protection Platforms.
SentinelOne's Endpoint Protection and Critical Server Protection platforms are certified by AV-TEST as Antivirus replacements.
SentinelOne's products are also fully HIPAA and PCI DSS 3.1 certified.
SentinelOne's core technology is behavior-based threat detection. Its Dynamic Behavior Tracking (DBT) Engine (a key component of SentinelOne's Endpoint and Critical Server Protection Platforms) utilizes sophisticated algorithms to map suspicious processes into malicious patterns. These patterns are then compared against a full context view of normal system and application behavior in order to determine if a threat exists.
SentinelOne also employs a lightweight agent (deployed on each user endpoint or critical server) that monitors all activity in both user and kernel space (network activity, I/O transactions, memory transactions, etc.). Through extensive agent-based monitoring, SentinelOne is able to generate detailed forensics in real-time, giving users a complete context of an attack.
SentinelOne has two main product offerings:
The SentinelOne Endpoint Protection Platform (EPP) protects Windows, OS X, and Linux-based endpoint devices against advanced malware, exploits and live/insider attacks. It monitors all activity on the endpoint via an autonomous lightweight agent, leverages dynamic behavior-based threat detection, offers fully integrated, automated mitigation and remediation capabilities, and generates real-time forensics.
The SentinelOne Critical Server Protection Platform (CSPP) deploys across physical, virtual, and cloud-based servers running Windows or Linux. It offers comprehensive protection against advanced threats, enabling organizations to stay compliant and secure without compromising server performance.