Active Detection & Response Features
Core
Control
Complete
Executive Summary
XBAND XDR offers a single autonomous agent combining EPP and ActiveEDR in three different tiers for customized requirements.
- Core has all the endpoint security essentials including prevention, detection, and response.
- Control adds desired security suite features, like device control and endpoint firewall control. It also adds full remote shell execution to ease IT overhead and provide uncharacteristic levels of granular control for managing endpoints.
- Complete adds the Deep Visibility Threat Hunting module for advanced forensic mapping, visibility, and nuanced response capability for the enterprise SOC or interested technology professional.
The XDR Endpoint Protection Platform unifies prevention, detection, and response in a single purpose-built agent powered by machine learning and automation. It provides prevention and detection of attacks across all major vectors, rapid elimination of threats with fully automated, policy-driven response capabilities, and complete visibility into the endpoint environment with full-context, real-time forensics.
Active Detection Response Features
CORE
Made for every organization that wants top-notch protection without the hassle of complex management or the need for highly skilled security analysts.
- Endpoint Prevention (EPP) to stop a wide range of malware, Trojans, hacking tools, and ransomware before they start
- ActiveEDR Basic for Detection & Response (EDR) works in real time with or without cloud connectivity. ActiveEDR detects highly sophisticated malware, memory exploits, script misuse and other fileless attacks as they attempt to do damage. ActiveEDR responds at machine speed to autonomously contain damage
- ActiveEDR recovery gets users up and running in minutes and includes 100% remediation as well as rollback for Microsoft Windows
CONTROL
Made for organizations seeking best-of-breed security found in Core with the addition of security suite features that streamline granular endpoint management.
- All Core features
- Device Control for policy-based control of all USB device peripherals
- Firewall Control for policy-based control of network connectivity to and from assets, including location awareness
- Vulnerability Management, in addition to Application Inventory, for insight into third-party apps that have known vulnerabilities mapped to the MITRE CVE database
- Full Remote Shell capability for direct endpoint access by incident responders and forensics personnel
COMPLETE
Made for enterprises that need modern endpoint security and control plus threat hunting options for the SOC.
- All Core + Control features
- ActiveEDR Advanced adds visibility of all benign data
- ActiveEDR Advanced adds enterprise threat hunting. SentinelOne differentiates with ease-of-use personified by the active nature of the solution in autonomously responding to attacks. All OS stories are automatically contextualized with S1’s patented TrueContext function, saving analysts tedious event correlation tasks and getting them to the root cause fast.
Free Platform Access
From Monday, March 16 through Friday, May 15th, Core and rapid deployment are offered free of charge.