Question SentinelOne can not set multiple policy?

Please provide comments and solutions that are helpful to the author of this topic.

ShenguiTurmi

ShenguiTurmi

Level 3
Thread author
Well-known
Feb 28, 2023
128
QQ截图20230718111756.jpg

When I click on the policy option, I can only edit the settings directly. I don't find the option to create a new policy and associate it to some of the devices.
For example, I want device A to have only Static AI turned on and device B to have all protection turned on, which doesn't look like it can be done?
Has anyone tried this? This is a bit strange in an enterprise product.
 
  • Like
  • Thanks
  • Wow
Reactions: simmerskool, SeriousHoax, Kongo and 4 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,737
I have a question about SentinelOne (I am not familiar with its capabilities as I couldn’t find a reseller till recently). Apart from all wonderful NGAV capabilities, what else is included? Does it offer web filtering and anti-phishing as well?

@ShenguiTurmi on top it says “Revert to default inherited policy”. This suggests that there is another place for managing policies as well. Did you check everywhere?

Edit:
Watch this video from the 4th minute onwards to learn about policy and asset management.
 
Last edited:
  • Like
  • +Reputation
  • Applause
Reactions: simmerskool, SeriousHoax, Jonny Quest and 5 others
ShenguiTurmi

ShenguiTurmi

Level 3
Thread author
Well-known
Feb 28, 2023
128
Trident said:
I have a question about SentinelOne (I am not familiar with its capabilities as I couldn’t find a reseller till recently). Apart from all wonderful NGAV capabilities, what else is included? Does it offer web filtering and anti-phishing as well?

@ShenguiTurmi on top it says “Revert to default inherited policy”. This suggests that there is another place for managing policies as well. Did you check everywhere?

Edit:
Watch this video from the 4th minute onwards to learn about policy and asset management.
Click to expand...

I can't access youtube because of regional restrictions, but I just got help from another S1 user. Editing the policy directly won't work, but you can create a device group and then set the policy for the device group.
Anyway thanks for the help.
S1 has nothing good on NGAV and no anti-phishing. But they can rolling back the behaviour of malicious programs (not just for ransomware). As well as EDR which is second only to Cybereason for visibility in the MITRE 2022 test.
 
  • Like
Reactions: simmerskool, SeriousHoax, Jonny Quest and 5 others
L

likeastar20

Level 8
Verified
Mar 24, 2016
361
Trident said:
I have a question about SentinelOne (I am not familiar with its capabilities as I couldn’t find a reseller till recently). Apart from all wonderful NGAV capabilities, what else is included? Does it offer web filtering and anti-phishing as well?

@ShenguiTurmi on top it says “Revert to default inherited policy”. This suggests that there is another place for managing policies as well. Did you check everywhere?

Edit:
Watch this video from the 4th minute onwards to learn about policy and asset management.
Click to expand...

I assume it does not have features like antiphising and web filtering, Harmony is a more complete solution.
 
  • Like
Reactions: simmerskool, SeriousHoax, [correlate] and 4 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,737
Rolling back the behaviour is something many do, even McAfee and Webroot. SentinelOne uses a lot of fancy terms and trademarks across their website but nothing really explains the capabilities well, it’s just a lot of marketing fluff.
The rollback seems to refer only to ransomware recovery and automatic group remediation as Symantec calls it.

I think I will pass on SentinelOne, nothing to see and learn there.
 
Last edited:
  • Like
Reactions: simmerskool, SeriousHoax, [correlate] and 3 others
ShenguiTurmi

ShenguiTurmi

Level 3
Thread author
Well-known
Feb 28, 2023
128
Trident said:
Rolling back the behaviour is something many do, even McAfee and Webroot. SentinelOne uses a lot of fancy terms and trademarks across their website but nothing really explains the capabilities well, it’s just a lot of marketing fluff.
The rollback seems to refer only to ransomware recovery and automatic group remediation as Symantec calls it.

I think I will pass on SentinelOne, nothing to see and learn there.
Click to expand...
In addition to SentinelOne, I provided WithSecure for @Shadowra to test, and WithSecure seems to do less than SentinelOne. :unsure:
 
  • Like
Reactions: simmerskool, [correlate], Kongo and 3 others

Similar threads

SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
WDACConfig module - WDAC Policy Deployment Simulation
Replies
0
Views
394
Other security for Windows, Mac, Linux
SpyNetGirl
SpyNetGirl
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review SentinelOne Endpoint Security (with SonicWall)
Replies
30
Views
3,229
Video Reviews - Security and Privacy
Sunshine-boy
Sunshine-boy
oldschool
    • Like
    • +Reputation
New Update Brave Unveils New Privacy-Focused AI Answer Engine, Set to Handle Nearly 10 Billion Annual Queries
Replies
1
Views
167
Brave
oldschool
oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top