**SentinelOne Core** has all endpoint security essential features in place, including prevention, detection, and response in a single, purpose-built agent power by machine learning and automation. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics.
* Single, holistic agent for PC, Mac, Linux, VDI
* Multi-layered AI-powered endpoint protection
* Threat Hunting and device controls
* Policy driven response to threats
* Enterprise proven and easily scalable
* Certified and recognized as an industry leading solution
* Helps eliminate notification fatigue
The innovative security solution offers broad protection against diverse modes of attack, including:
* Executables - Trojans, malware, worms, backdoors, payload-based
* Fileless - Memory-only malware, no-disk-based indicators
* Documents - Exploits rooted in Office documents, Adobe files, macros, spear phishing emails
* Scripts - Powershell, WMI, PowerSploit, VBS
* Credentials - Mimikatz, credentials scraping, tokens
**SentinelOne Core** delivers multi-layered AI-powered endpoint protection, with Static AI pre-execution protection for known and unknown ﬁle based malware, and Behavioral AI agent-side behavioral monitoring that covers any attack vector, including unknown exploits and bypass attempts of traditional anti-virus.
The Behavioral AI engine is built to detect and mitigate malicious code and scripts in documents and is capable of detecting ﬁleless attacks and exploits. Lateral Movement uses Behavioral AI to discover attempts coming from another device over the network.
SentinelOne Core offers attack remediation, cleaning all artifacts of a malicious attempt, including registry, scheduled tasks and more, while Rollback Revert returns an endpoint its pre-infected state.
Upon detection, SentinelOne can immediately stop lateral threat spread cold by disconnecting the infected endpoint from the network while still maintaining the agent’s connection to the management console.
SentinelOne Core includes basic EDR/Threat Hunting, which provides the ability to search for attack indicators, investigate existing incidents, perform ﬁle integrity monitoring and root out hidden threats. It includes an Attack Storyline, a visual diagram representing an execution ﬂow, helping IR teams to quickly evaluate the impact of any threat.
In addition, Device Control enables you to apply policy and control USB and peripheral devices connected to your assets.