App Review SentinelOne Endpoint Security (with SonicWall)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

ShenguiTurmi

@Shadowra another sample. Can you confirm the sample is working and not detected by S1?

Yes. Not detected by sensor-based ML and cloud-based hash blacklist.
I don't have the extra licence to install in a test environment. So I didn't test if running it would trigger behavioural protection or not.

Trident

It has a good reputation because the marketing is brilliant. The product is just one overblown antivirus. I bet if you compare it to Avast Free, Avast will easily blow S1 away. It’s just the EDR that is built well.
 

likeastar20

It has a good reputation because the marketing is brilliant. The product is just one overblown antivirus. I bet if you compare it to Avast Free, Avast will easily blow S1 away. It’s just the EDR that is built well.
They are stupid enough to think that my tests are based on VT results. The only mention of VT by me is the link to the file. Like, who does tests based on VT results? You know they have no idea what they are talking about when that is the first thing they think of.


SeriousHoax

Does this guy have any evidence that SentinelOne detected the 3CX supply chain malware before anyone else? Or was it someone monitoring the XDR that saw the logs and responded? Many people don’t make difference.
This one is actually true. I saw this before the supply chain attack was discovered. Some S1 customers thought it to be a false positive and ignored it. But S1 was not the only one, so did ESET and two, three other vendors at least. But of course not every vendor had customers using 3CX or customers who used 3CX and also updated their software to the infected version and were exploited. E.g., Bitdefender said that they didn't see any exploitation attempt for their customers.
 
