- Sep 2, 2021
SentinelOne is an American IT security company for businesses.
They offer their AI-based NGAV (NextGen Antivirus) software to protect against malware.
It is also equipped with SonicWall, a company specializing in firewalls and IDS.
Settings are default.
SentinelOne is difficult to rate, so I'll just summarize.
The administration console is very light. You can perform a few actions, but it's impossible to modify specific rules... You really have to trust the editor's choices.
Web protection is good. SentinelOne catches downloaded files by blocking them directly from Edge. However, I was very surprised to see NO alerts from SentinelOne!
I had to check the SonicWall list...
On the pack, SentinelOne put up a good fight, but like all NGAVs, it has major weaknesses when it comes to script attacks. An njRAT managed to install itself, and SentinelOne asked for a reboot to perform its remediation, which I accepted. The trojan was gone.
Although SentinelOne defended itself well, it occasionally takes a while to detect a suspicious action. This can leave the computer in danger.
At the end of the test, the machine was compromised by a bloated Trojan that was active, as well as a CMD script entry at startup.
Not convinced, I expected better.
@ShenguiTurmi, @Correlate and @likeastar20 request