The joint solution integrates SentinelOne and the Exabeam Security Management Platform to allow customers to rapidly detect and automatically respond to threats across all endpoints. SentinelOne autonomously defends every endpoint against every type of attack, the company says, at every stage in the threat lifecycle.
Through the integration, joint customers will be able to ingest threat and incident data directly from SentinelOne into the Exabeam Security Management Platform to baseline normal behavior. Customers can combine that data with data from other IT and security solutions to provide security analysts with greater visibility against advanced attacks.
Additionally, Exabeam can trigger automated incident response for compromised endpoints using the SentinelOne API. By gathering all related events into Exabeam Smart Timelines, analysts can automatically reconstruct the events underlying security incidents. The Exabeam Security Management Platform automatically identifies risky, anomalous device activity that may be indicative of a security incident or compromise.
Customers can then automatically respond to the incident directly from the Exabeam UI: changing user passwords, sending email verifications, restarting and scanning hosts, getting device and/or user information, and enabling or disabling two-factor authentication. They can also generate and list reports, list processes, get files and list applications on a host.
The joint solution will be available through mutual channel partners of SentinelOne and Exabeam, including Optiv and Exclusive Networks.