App Review SentinelOne Endpoint Security (with SonicWall)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra
ShenguiTurmi

ShenguiTurmi

Level 3
Well-known
Feb 28, 2023
128
likeastar20 said:
@Shadowra another sample. can you confirm the sample is working and not detected by S1?

VirusTotal

VirusTotal
www.virustotal.com www.virustotal.com

raccoon | d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e | Triage

Check this raccoon report malware sample d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e, with a score of 10 out of 10.
tria.ge tria.ge
Click to expand...
Yes. Not detected by sensor based ML and cloud based hash blacklist.
I don't have the extra licence to install in test environment. So I didn't test if running it would trigger behavioural protection or not.
QQ截图20230723182817.png
 
  • Like
Reactions: Nevi, piquiteco, simmerskool and 3 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,737
It has a good reputation because the marketing is brilliant. The product is just one overblown antivirus. I bet if you compare it to Avast Free, Avast will easily blow S1 away. It’s just the EDR that is built well.
 
  • Like
  • Hundred Points
Reactions: roger_m, Nevi, piquiteco and 5 others
L

likeastar20

Level 8
Verified
Mar 24, 2016
361
Trident said:
It has a good reputation because the marketing is brilliant. The product is just one overblown antivirus. I bet if you compare it to Avast Free, Avast will easily blow S1 away. It’s just the EDR that is built well.
Click to expand...
They are stupid enough to think that my tests are based on VT results. The only mention of VT by me is the link to the file. Like who does tests based on VT results. You know they have no idea what they are talking about when that is the first thing they think of.

1234.PNG
 
  • HaHa
  • Like
Reactions: Nevi, piquiteco, simmerskool and 4 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,636
Trident said:
Does this guy have any evidence that SentinelOne detected the 3CX supply chain malware before anyone else? Or was it someone monitoring the XDR that saw the logs and responded? Many people don’t make difference.
Click to expand...
This one is actually true. I saw this before the supply chain attack was discovered. Some S1 customers thought it to be a false positive and ignored. But S1 was not the only one, so did ESET and two, three other vendors at least. But of course not every vendor had customers using 3CX or customers who used 3CX and also updated their software to the infected version and was exploited. eg: Bitdefender said that they didn't see any exploitation attempt for their customers.
 
  • Like
Reactions: Nevi, piquiteco, Shadowra and 2 others

Similar threads

Shadowra
    • +Reputation
    • Like
    • Thanks
App Review DeepInstinct Endpoint Security v5
Replies
10
Views
660
Video Reviews - Security and Privacy
ShenguiTurmi
ShenguiTurmi
upnorth
    • +Reputation
    • Like
    • Wow
Malicious PyPI package found posing as a SentinelOne SDK
Replies
1
Views
672
News Archive
Andrezj
Andrezj
Shadowra
    • +Reputation
    • Like
    • Applause
App Review WithSecure Endpoint Security
Replies
4
Views
1,885
Video Reviews - Security and Privacy
ShenguiTurmi
ShenguiTurmi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top