SentinelOne and Netskope have partnered to offer a solution aimed at enhancing security for distributed work environments. In line with the agreement, the two companies have introduced the SentinelOne Singularity App for Netskope, a collaborative tool that provides in-depth visibility to detect and address threats across the expanding attack surface of remote work.
Akhil Kapoor, Vice President of Technology Partnerships at SentinelOne, stressed the importance of visibility in securing distributed workforces, especially as their numbers grow.
“In teaming with Netskope, we’re making it easy for our customers by providing a consolidated, granular view into threat activity across the entire technology stack, along with deep insights they can use to supercharge their hunting and investigation capabilities and keep people and information safe.”
A compatible pairing
SentinelOne’s Singularity platform safeguards various enterprise attack surfaces, while Netskope’s Intelligent Security Service Edge (SSE) secures access to various resources. Together, they create an integrated solution that empowers security teams to defend against threats swiftly and efficiently.
Andy Horwitz, Vice President of Business Development at Netskope, highlighted the value of correlating Netskope’s insights with SentinelOne’s capabilities, enabling automated and intelligent responses.
“Netskope provides invaluable insights into user and cloud activity and risk, and with Sentinel One, XDR customers are able to correlate this information with other systems and act upon it in an automated, intelligent, and scalable manner,” he said.
How it works
The SentinelOne Singularity App for Netskope streamlines threat investigation and hunting within Netskope’s Secure Service Edge. It enriches SentinelOne threats with relevant Netskope alerts, offering comprehensive visibility into endpoint, cloud, DLP, and SASE alerts for threat analysis. This integration accelerates the response process, enhancing overall security.
- Improve visibility – The SentinelOne Singularity App for Netskope offers a comprehensive view of the attack lifecycle, consolidating alerts related to endpoints, cloud, DLP, and SASE. Netskope’s User Behavior Analytics (UBA), Data Loss Protection (DLP), malware, and additional alerts are automatically integrated into the Singularity platform. Security analysts can utilise this platform to search, pivot, and proactively search for threats throughout their environment.
- Enhance threat understanding – The app autonomously enriches SentinelOne threat data with additional user insights from Netskope’s behavioral analytics. When an incident occurs, the app automatically includes correlated Netskope alerts and user confidence index (UCI) scores for a specific user. This streamlines the process for analysts, facilitating quicker triage and escalation.
- Expedite response and risk mitigation – Thanks to the integration with Netskope, SentinelOne can trigger alerts when a Netskope indicator matches a file hash, URL, or domain within its hunting interface. This enables automated actions such as isolating and quarantining malicious files or endpoints, reducing the time required to detect and respond to well-known threats and minimising enterprise risk.
