ITHQ LTD

SentinelOne Active EDR - Endpoint Detection and Response

The SentinelOne Endpoint Protection Platform unifies prevention, detection, and response in a single purpose-built agent powered by machine learning and automation. It provides prevention and detection of attacks across all vectors, elimination of threats with automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics.

Features

• Autonomous AI on every endpoint protecting and responding to malware
• Alerts include full context analysis to enable effective investigations
• Windows, Linux and Mac device support for EDR
• Real time identification of threats that need investigation
• Automated threat hunting with event correlation
• Cloud hosted web management platform
• Support for on-premise, hybrid and full cloud environments
• Behavioural analysis of all device activities monitoring even trusted processes

Benefits

• Ransomware warranty up to $1M if breached
• Unify prevention, detection and response in one product
• Single software package to deploy and manage
• Simplified administration and ease of operation reduces management overhead
• Fewer alerts releasing overburdened staff for other projects
• Real-time forensic breakdown of any attack
• Visualisation tools to easily evaluate the impact of attacks
• Enterprise proven solution for all environments
• Integrated with other security platforms eg Fortinet/Splunk/Rapid7
• Certified and recognised to meet industry and vertical certifications

£3 to £15 a device a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

397534221498015

Contact

Dale Nursten
02039977979
bidteam@ithq.pro

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Fortinet; Netskope; JumpCloud; Okta; BigFix; Tanium
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No specific constraints outside of the SentinelOne compatibility matrix.; ; Datasheet for more details:; https://go.sentinelone.com/rs/327-MNM-087/images/SEN0202_DataSheet_EPP_WEB.pdf
• System requirements:
  • Windows Desktop Endpoints
  • Mac OSX Desktop Endpoints
  • Linux Desktop Endpoints
  • Windows Server Endpoints
  • Linux Server Endpoints

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: https://www.sentinelone.com/legal/support-terms/
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support policies can be viewed at:; ; https://www.sentinelone.com/legal/support-terms/
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ITHQ will support the on-boarding of the solution with an agreed Scope of Works document customised to meet the customers' requirements.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data export tools within the platform.
• End-of-contract process: At the end of the contract the customer will be offered the option of extending their subscription or ceasing to use the platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Details of the mobile features can be found here: https://www.sentinelone.com/platform/singularity-mobile/
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: SentinelOne’s platform is “API first,” one of our main market differentiators.; ; API-first means our developers build new product function APIs before coding anything else. Most UI functions have a customer-facing API. Because there is so much overlap between the UI and the API, the SentinelOne solution can be run as a point product (via the UI), or it can be an important component within your security stack via the API.; ; The SentinelOne API is a RESTful API and is comprised of 300+ functions to enable 2-way integration with other security products. All APIs are well documented directly within the UI using Swagger API referencing and include facilities for developers to test their code.; ; SentinelOne offers an SDK to abstract API access with no additional cost.; ; The SentinelOne SDK, complete with documentation, is available to all SentinelOne customers directly from the Management console.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Customisation will be discussed and agreed as part of a Scope of Works document with ITHQ around the integration with external systems and any customised reporting or alerting required by customers.

Scaling

• Independence of resources: Services are hosted on a public cloud that can easily and immediately scale to meet demand. Each customer has their own instance and can be provisioned as needed to comply with performance objectives. There are over 4000+ customers including Fortune 10 and Global 2000 customers.

Analytics

• Service usage metrics: Yes
• Metrics types: Details of license capacity consumed.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: SentinelOne

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Using the data export tool available in the platform.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: N/A

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As a hosted platform the service should be available at all times with the exception of the defined maintenance windows.; ; https://www.sentinelone.com/legal/terms-of-service/
• Approach to resilience: SentinelOne has a high-availability cloud based architecture and design to minimise disruption from a single data centre, Policies compliant with ISO 27001 and SOC3 Type II are in place to ensure resilience.
• Outage reporting: Service status can be verified through the SentinelOne Support portal.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Only authorised users / groups will be able to access the management interface or support portals.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 15/03/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SentinelOne:; SOC2 Type II; GDPR; PCI
• Information security policies and processes: We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses high-quality network security, application security, identity and access controls, change management, vulnerability management and third-party pentesting, log/event management, vendor risk management, physical security, endpoint security, physical security, governance & compliance, and people/HR security, disaster recovery and others. Our servers are protected by high-end firewall systems, scans are performed regularly to ensure that any exposed vulnerabilities are quickly found and patched, complete penetration tests are performed yearly, customer data is processed and stored at a specific location known to the customer within a specific region such as North America, Europe or Asia, access to systems is restricted to specific individuals based on “need to know” principles and monitored and audited for compliance, We use (TLS) encryption for all customer data transfers, and customers can elect to have all their data encrypted at rest. Our Solutions are hosted by AWS, which is audited using the ISO 27001 and SOC3 TypeII Standards. To ensure that we maintains the highest possible levels of information security, SentinelOne has procured the auditing services of a reputable third party auditors and audits its information security practices annually under the ISO27001 Standard.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses identity and access controls, change management, vulnerability management and third-party pentesting,
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses vulnerability management and third-party pentesting, log/event management, vendor risk management, physical security, endpoint security, physical security, governance & compliance, and people/HR security, disaster recovery and a host of additional controls.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses high-quality network security, application security and a host of additional controls.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a dedicated security team that oversees SentinelOne’s information security program, which encompasses high-quality log/event management, physical security, endpoint security, physical security, governance & compliance, and people/HR security, disaster recovery and a host of additional controls.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  ITHQ runs a corporate social responsibility programme called Life In IT in South East England. Life In IT allows us to recondition tech devices donated from businesses headed for disposal and pass them on to local non- profit organisations that put them to great use. Schools in particular are now benefitting from free technology that creates fresh learning opportunities through increased access to education platforms for more students.

  Equal opportunity

  To specifically address equal opportunity, our Life In IT programme prioritises collaboration with schools that support students from diverse backgrounds, including low-income families, minorities, and those with disabilities. We provide customised technology solutions that cater to a wide range of learning needs and styles, thereby ensuring all students have the opportunity to succeed. By doing so, ITHQ is committed to creating a more inclusive educational environment where every student, regardless of their socioeconomic status or background, can benefit from equal access to high-quality digital education.

Pricing

• Price: £3 to £15 a device a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A Proof of Concept / evaluation period can be arranged for a limited time on a limited number of endpoints. Details will be finalised after an initial demo and scoping meeting.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.