SentinelOne

Developed by SentinelOne

Accelerate incident response with Singularity XDR and Mimecast

Mimecast and SentinelOne provide an integrated solution to stop threats, provide security insights and streamline response across the organization. Joint customers can be confident that their devices will be protected from zero-day threats detected by Mimecast's and SentinelOne's threat detection capabilities at each organizational entry point. By sharing intelligence between email and endpoint security solutions, analysts gain increased visibility and context into threats that would not be addressed in a typical siloed security approach, allowing security teams to remediate and avert propagation, protecting the organization and reducing the chance of an incident turning into a full-scale breach.

SentinelOne Singularity XDR provides AI-powered prevention, detection, and response across user endpoints, cloud workloads, and IoT devices. When a threat is detected in SentinelOne, SentinelOne Storyline™ correlates detections and activity data across security layers, including email, endpoints, mobile, and cloud. Analysts can streamline response by automatically taking actions such as suspending email for a given user, blocking the user's email, or quarantining the user. Upon detection of the threat, SentinelOne can automatically suspend the last logged-in user's ability to send email, helping secure a critical lateral movement path.

With SentinelOne and Mimecast, joint customers can leverage cooperative defenses to protect enterprise devices and email. Together, security teams can rapidly respond to threats across endpoints and email for a holistic approach to incident response with XDR automation.

Key Benefits

  • Prevent lateral email threat propagation
  • Accelerate incident response and contain threats faster by automatically quarantining affected users in Mimecast
  • Minimize delays with no context switches or multiple dashboards
  • Frictionless 1-click installation and configuration

Solution Overview

  1. SentinelOne identifies malware attempting to execute on the endpoint, and an alert is generated.
  2. The information relating to the ‘logged in user’ is sent to Mimecast, and the user is moved into a quarantine group to block email propagation.
  3. The analyst kills and quarantines the malware in SentinelOne.

Developer: SentinelOne

Contact: SentinelOne

Release Date: May 2023

Version: 2.0
