SentinelOne Announces Integration with AWS Security Hub

Rhea-AI Summary

SentinelOne (NYSE: S) has announced a new integration with AWS Security Hub, enhancing cloud security by aggregating threat information from SentinelOne agents. This integration allows organizations to monitor and respond to cloud workload threats effectively. Key benefits include improved defense-in-depth, centralized visibility, enriched investigation capabilities, and ease of use with a simple API configuration. Joints efforts with partners like 6pillars emphasize the importance of securing cloud environments, supporting ongoing security compliance and auto-remediation.

Positive

• Integration with AWS Security Hub enhances cloud security management.
• Improved threat detection and response capabilities for AWS workloads.
• Centralized visibility and enriched investigation process for security teams.
• Easy deployment with a simple API configuration at no additional cost.

Negative

• None.

Solution Enhances Cloud Protection, Delivering Defense-in-Depth and Improved Visibility Across Entire Cloud Estates

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)-- SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced a new integration with AWS Security Hub. Available via the SentinelOne Singularity Marketplace, the new integration filters high-fidelity threat information from SentinelOne agents running on Amazon Web Services (AWS) through AWS Security Hub. This allows organizations to effectively defend cloud workloads with centralized insights from SentinelOne, AWS services, and additional security tools.

“Specializing in continuous compliance and auto-remediation in AWS, 6pillars understands the need for security to extend to all reaches of the cloud,” said Lorenzo Modesto, CEO, 6pillars.io. “As part of our end-to-end anti-ransomware automation, we use Singularity XDR and SentinelOne for AWS Security Hub to centralize visibility and protection of endpoints as well as workloads in AWS.”

To defend against today’s threats, an effective cloud security solution must include runtime protection, detection, and response capabilities. SentinelOne’s Singularity Cloud Workload Protection includes enterprise-grade protection, Endpoint Detection and Response, and Application Control to secure cloud apps wherever they are running. Furthermore, SentinelOne’s Linux Sentinel and Windows Server Sentinel deliver runtime security for virtual machines (VMs) while Kubernetes Sentinel delivers runtime security for managed and self-managed Kubernetes clusters. SentinelOne’s agents have full visibility into the security posture of any cloud workload regardless of its state.

The SentinelOne integration for AWS Security Hub delivers high-fidelity threat information from SentinelOne agents running on AWS workloads to AWS Security Hub. AWS Security Hub then aggregates, organizes, and prioritizes security alerts, enabling security teams to prioritize and respond effectively to any threat in progress. The integration retrieves findings, including metadata, from the SentinelOne console and pushes them to AWS Security Hub, enabling incident investigation directly from AWS Security Hub. SentinelOne incidents are normalized to AWS Security Finding Format (ASFF), eliminating the need to convert or parse security data.

“SentinelOne delivers full transparency for everything happening across an organization’s network at machine speed,” said David Baldwin, Director of Product Management, SentinelOne. “By making our unmatched cloud capabilities available to AWS Security Hub users via this joint solution, we are enabling organizations to protect their cloud estates using the tools of their choice, responding to threats in progress in the manner that best fits with their workflow.”

Other key benefits of the joint solution include:

• Improved Defense-InDepth: joint customers can combine industry-leading protection with AWS-native posture management capabilities.
• Centralized Visibility: Users can monitor abnormal behavior within the workload and detect anomalies.
• Enriched Investigation: Security teams can easily investigate threats in progress with one-click deep dives on incident metadata.
• Ease of Use: The integration’s simple API configuration deploys in seconds at no additional cost.

For more information on the SentinelOne and AWS Security Hub, visit www.s1.ai/AWS.

About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220602005200/en/

Will Clark

fama PR for SentinelOne

E: S1@famapr.com

Source: SentinelOne

FAQ

What is SentinelOne's new integration with AWS Security Hub?

SentinelOne's new integration allows users to filter high-fidelity threat information from SentinelOne agents running on AWS through AWS Security Hub, enhancing cloud workload protection.

How does the integration improve cloud security for SentinelOne customers?

The integration provides centralized insights, improved defense-in-depth, and enables security teams to prioritize and respond to threats effectively.

What are the benefits of the SentinelOne and AWS Security Hub integration?

Key benefits include improved threat detection, centralized visibility, enriched investigation capabilities, and ease of deployment with a simple API.

Who benefits from the SentinelOne and AWS Security Hub collaboration?

Organizations using AWS services can enhance their cloud security posture by utilizing SentinelOne's threat detection and response capabilities alongside AWS Security Hub.

When was SentinelOne's new integration with AWS Security Hub announced?

The integration was announced on June 2, 2022.