SentinelOne Singularity Platform

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: No
System requirements: Minimum Operating specs for those devices (different per OS)

User support

Email or online ticketing support: Email or online ticketing
Support response times: Defined by (1) Support package purchased and (2) Priority of the question. Support standard - Urgent - 4 hours/ High - 12 hours/ Normal - 24 hours / Low - 72 Hours. Support Enterprise/Enterprise Pro - Urgent - 1 hour / High - 3 hours/ Normal - 6 hours/ Low - 12 hours
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: Onsite support
Support levels: Support levels: Standard/Enterprise/Enterprise Pro. A technical account manager can be purchased at additional cost.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Guided onboarding via our SentinelGO team. Comprehensive documentation including 'Getting Started with the SentinelOne platform - deployment, configuration, best practices etc
Service documentation: Yes
Documentation formats: HTML
End-of-contract data extraction: SentinelOne is actively working towards updating its Management Console and user-facing documentation to comply with WCAG 2.1 Level AA accessibility standards. This effort is part of a broader project aimed at enhancing accessibility across the platform, with a focus on making the software perceivable, operable, understandable, and robust, in line with WCAG principles. The project includes technical updates such as improving UI focus states, color contrast, keyboard navigation, and more. Additionally, the documentation and pages are being prepared for future localization by externalizing text strings and ensuring they are covered with Playwright tests to validate accessibility.
End-of-contract process: SentinelOne provides technical support and guidance throughout the data extraction process. Once the data extraction is complete, both parties may need to perform final actions such as confirming the deletion of customer data from SentinelOne systems, finalizing any outstanding financial transactions, and conducting exit interviews or surveys to gather feedback.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari
Application to install: Yes
Compatible operating systems: Android

IOS

Linux or Unix

MacOS

Windows

Other
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: The key differences between SentinelOne's mobile and desktop solutions primarily revolve around their approach to addressing the unique security challenges and operational environments of mobile versus desktop endpoints. SentinelOne's mobile threat defense (MTD) focuses on the increased attack surface presented by mobile devices, offering advanced security features designed to protect against zero-day and zero-click vulnerabilities, rogue networks, and complex mobile malware. This is in contrast to the desktop solution, which may deal more with traditional threats and system vulnerabilities.
Service interface: Yes
User support accessibility: WCAG 2.1 AAA
Description of service interface: There is a seperate service interface for mobile device accessed on a seperate URL but hyperlinked from the 'primary' SentinelOne Singularity Management platform. This seperate interface allows for the management and configuration of mobile devices and policies. Data from this seperate service interface can be ingested into the Singularity Data Lake.
Accessibility standards: WCAG 2.1 AAA
Accessibility testing: N/a
API: Yes
What users can and can't do using the API: The SentinelOne API is a RESTful API and is comprised of 300+ functions to enable 2-way integration with other security products. All APIs are well documented directly within the UI using Swagger API referencing and include facilities for developers to test their code.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)

HTML
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: In terms of the console, the customer can customise dashboards and reporting around data coming from SentinelOne agents. This is managed within the SentinelOne management console. Those with administrative access to the console can customise.

Scaling

Independence of resources: SentinelOne employs a variety of strategies and technologies to ensure that the demand from other users does not negatively affect a user's experience. Key among these strategies is the use of Amazon Elastic Load Balancing (ELB), which plays a crucial role in managing the distribution of incoming network traffic across multiple servers. This ensures that no single server bears too much load, which can degrade performance. ELB automatically adjusts to incoming application traffic, providing greater levels of fault tolerance and ensuring that applications are highly available.

Analytics

Service usage metrics: No

Resellers

Supplier type: Reseller providing extra support
Organisation whose services are being resold: SentinelOne

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Encryption of all physical media

Other
Other data at rest protection approach: Encryption: SentinelOne enforces encryption for data at rest to safeguard sensitive/confidential information.
Client-side Encryption: Complete control over the encryption and decryption process, including managing keys/algorithms/libraries, and compute resources. This method ensures that client-side master keys and unencrypted data are never sent to AWS, emphasizing the importance of securely managing encryption keys to prevent data loss.
Server-side Encryption: Implemented as a storage class within S3 for long-term data storage. Data's transitioned to S3 Glacier storage for flexible encryption options compared to standalone Glacier vaults. Approach highlights dual method of encryption SentinelOne uses to protect data at rest in the AWS environment.
Data sanitisation process: No
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: Threat Data - via SYSLOG, All process data - via S3 bucket into SIEM. Console data via CSV or API
Data export formats: CSV

Other
Other data export formats: Syslog

API
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: SentinelOne's Service Level Agreement (SLA) specifies that planned downtime should not exceed six hours a month. This planned downtime is accounted for outside the service availability calculations. SentinelOne measures Singularity Platform Availability in minutes per calendar month, excluding downtime due to force majeure events, issues caused by the customer or third parties, and planned downtime or upgrades requested by the customer.
Approach to resilience: SentinelOne employs a distributed architecture that enhances resilience. The service leverages a Content Delivery Network to improve the performance, reliability, and scalability of content delivery over the internet. By using a network of geographically distributed servers, SentinelOne reduces latency, enhances availability, scales bandwidth, and optimizes content delivery. This not only improves user experience but also contributes to the resilience of the service by ensuring content is accessible even under high demand or potential attack scenarios.
Outage reporting: SentinelOne is committed to transparency and effective communication with its customers, especially in the event of service disruptions. When an outage occurs, SentinelOne employs a multi-channel communication strategy to inform its users promptly. This includes notifications through the SentinelOne platform itself, email alerts to registered users, and updates on the SentinelOne status page, which provides real-time information on system performance and any ongoing issues. Additionally, for significant incidents, SentinelOne may engage directly with affected customers through their account managers to provide personalized updates and support. The goal is to ensure that all users are well-informed about the nature of the outage, the expected resolution time, and any recommended actions they should take. This approach underscores SentinelOne's commitment to maintaining a high level of service availability and customer satisfaction.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Username or password
Access restrictions in management interfaces and support channels: SentinelOne's Access Control Policy is based on an employee’s job function and role using Least-Privilege and Need-to-Know concepts to match access privileges to defined responsibilities. By default SentinelOne employees are granted only a limited set permissions to access company resources such as email internal portals and HR information and access credentials cannot be shared among authorized personnel. Access to SentinelOne’s data systems is controlled by authentication and authorization mechanisms.
Access restriction testing frequency: At least once a year
Management access authentication: 2-factor authentication

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: SSAE 18 SOC ype II

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: Other
Other security governance standards: SSAE SOC 2 Type II
Information security policies and processes: SentinelOne implements and maintains a multi-layer Information Security Management System (ISMS), in accordance with ISO 27002 guidance. To test the implementation of the controls, SentinelOne has retained the auditing services of a top-tier, independent 3rd party auditor and has undergone a SOC 2 Type 2 audit. The ISMS provides for controls at multiple levels of data storage, processing, export and/or deletion, access, and transfer

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: SentinelOne's Information Security Program includes a configuration management plan. The configuration management plan mandates the creation of configuration management procedures by system owners with each procedure required to have a change control process in place.
All changes to systems, including patches, software, and firmware updates and security permission changes, are appropriately tested, and approved by authorized business personnel prior to changes being implemented into production.
Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach: Security Vulnerability Management Policy & Patch management standard: detailed process for testing SentinelOne products and corporate systems for security vulnerabilities, reporting of identified vulnerabilities and a corresponding elimination procedure. The vulnerability management program also includes:
Quarterly network vulnerability scans and annual penetration testing process implemented, Application of security patches to production systems on a regular basis;
Updating all software components and operating systems as part of every application/management console major release; Performing Static, Dynamic code analysis & 3rd party library vulnerability scanning before every major release.
Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach: SentinelOne has put in place a security incident management process for managing security incidents that may affect the confidentiality, integrity, or availability of its systems or data, including Customer Data. The process specifies courses of action, procedures for notification, escalation, mitigation, post-mortem investigations after each incident, response process, periodic testing, and documentation. SentinelOne has a dedicated SOC function, which manages & monitors a Security Information & Event Management (SIEM) solution deployed across the organization.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: SentinelOne has put in place a security incident management process for managing security incidents that may affect the confidentiality, integrity, or availability of its systems or data, including Customer Data. The process specifies courses of action, procedures for notification, escalation, mitigation, post-mortem investigations after each incident, response process, periodic testing, and documentation. SentinelOne has a dedicated SOC function, which manages & monitors a Security Information & Event Management (SIEM) solution deployed across the organization.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Social Value

Equal opportunity
Wellbeing

Equal opportunity

• To create an environment in which individual differences and the contributions of all our staff are recognised and valued.
• Every employee is entitled to a working environment that promotes dignity and respect to all. No form of intimidation, bullying or harassment will be tolerated.
• Training, development and progression opportunities are available to all staff.
• To promote equality in the workplace which we believe is good management practice and makes sound business sense.
• We will review all our employment practices and procedures to ensure fairness.
• Breaches of our Equality Policy will be regarded as misconduct and could lead to disciplinary proceedings.
• This policy is fully supported by Senior Management.
• The policy will be monitored and reviewed regularly.

Wellbeing

• We promote an open, supportive company culture where employees look out for one another and feel comfortable discussing any difficulties. Mental health is valued equally to physical health.
• Employees have access to confidential counselling, therapy, and other mental health resources through our employee assistance program.
• We encourage taking time off when needed for mental health days in addition to sick days. Employees are trusted to manage their time off responsibly.
• Training is provided to managers on recognizing signs of burnout,
work overload, and other mental health concerns. Managers work to
proactively address issues and reduce employee stress.
• Employee workloads and schedules are designed to be reasonable
and sustainable.
• Wellness initiatives like meditation breaks, stress management
workshops, mindfulness programs, and social events are offered
throughout the year.

Pricing

Price: £27.22 a device a year
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: Full solution provided, for customer testing, typically over 2-4 weeks.

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

SentinelOne Singularity Platform

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents