**SentinelOne Control** builds on all the features of SentinelOne Core and adds desired security suite features like device control and endpoint firewall control. It also adds full remote shell execution to ease IT overhead and provide uncharacteristic levels of granular control for managing endpoints. Control unlocks granular device hardening capabilities for USB/Bluetooth devices, on-device firewalling, visibility and vulnerability management, and secure command-line access to devices.
This robust package includes:
* Device Control for policy-based control of all USB device peripherals
* Firewall Control for policy-based control of network connectivity to and from assets, including location awareness
* Vulnerability Management, in addition to Application Inventory, for insight into third-party apps that have known vulnerabilities mapped to the MITRE CVE database
* Full Remote Shell capability for direct endpoint access by incident responders and forensics personnel
The innovative security solution offers broad protection against diverse modes of attack, including:
* Executables - Trojans, malware, worms, backdoors, payload-based
* Fileless - Memory-only malware, no-disk-based indicators
* Documents - Exploits rooted in Office documents, Adobe files, macros, spear phishing emails
* Scripts - PowerShell, WMI, PowerSploit, VBS
* Credentials - Mimikatz, credential scraping, tokens
SentinelOne Control delivers multi-layered AI-powered endpoint protection, with Static AI pre-execution protection for known and unknown file-based malware, and Behavioral AI agent-side behavioral monitoring that covers any attack vector, including unknown exploits and bypass attempts of traditional anti-virus.
The Behavioral AI engine is built to detect and mitigate malicious code and scripts in documents and is capable of detecting fileless attacks and exploits. Lateral Movement uses Behavioral AI to discover attempts coming from another device over the network.
SentinelOne Control offers attack remediation, cleaning all artifacts of a malicious attempt, including registry, scheduled tasks and more, while Rollback Revert returns an endpoint to its pre-infected state. Upon detection, SentinelOne can immediately stop lateral threat spread cold by disconnecting the infected endpoint from the network while still maintaining the agent's connection to the management console.
SentinelOne Control includes basic EDR/Threat Hunting, which provides the ability to search for attack indicators, investigate existing incidents, perform file integrity monitoring and root out hidden threats. It includes an Attack Storyline, a visual diagram representing an execution flow, helping IR teams to quickly evaluate the impact of any threat.