SentinelOne this week announced a partnership with Microsoft to bolster threat protection for mixed platform users, making computing safer for Linux machines in a multiplatform workplace.
SentinelOne will integrate its Endpoint Protection Platform with Microsoft’s Windows Defender Advanced Threat Protection service to cover Mac and Linux device platforms.
SentinelOne’s EPP technology will feed all threats and detections from Mac and Linux endpoints seamlessly into the Windows Defender ATP console, enabling security teams to see and remediate threats across Windows, Mac and Linux platforms.
“SentinelOne’s partnership with Microsoft aims to challenge the roles that third-party vendors such as Symantec, McAfee and Kaspersky Lab have held for years in detecting and securing computing endpoints against viruses and other exploits,” said Charles King, principal analyst at Pund-IT.
Those companies invested in sizable networks that monitor, discover and track viruses and similar dangers to maintain their industry postiions, he told LinuxInsider. They developed fixes that customers can use to defend themselves.
“Businesses and consumers using Linux-based and Apple solutions should enjoy viable, valuable alternatives to traditional third-party security solutions,” King said.
Customers of both SentinelOne and the Windows Defender ATP solution are eligible for beta access to the program, said Raj Rajamani, SentinelOne vice president of product management.
It is a proprietary software solution, he told LinuxInsider.
Once they have entered the beta program, users receive a token. When they enter it, the ATP console will start populating immediately.
“The cost is no different than it would be in using the standard SentinelOne product,” said Rajamani.
Linux and Mac users cannot run the EPP software independently, he noted. The workstation must be connected to the network to be able to send information to Windows Defender ATP.
Practical Workplace Solution
Organizations rarely have homogeneous information technology. They often use computers, operating systems and servers from a variety of vendors. As a result, it is essential to apply a unified cross-platform protection and visibility solution for threats across all platforms and devices, according to SentinelOne.
The integration with Windows Defender ATP will allow security teams to detect, prevent and respond to attacks on macOS and Linux OS devices natively, the company said.
“We are laser-focused on providing the industry’s most advanced and open endpoint protection platform,” remarked SentinelOne CEO Tomer Weingarden. “This tight integration furthers our mission to secure every endpoint and protect every edge of the network, regardless of hardware or OS.”
How It Works
SentinelOne’s Endpoint Protection Platform applies machine learning and artificial intelligence to protect devices from advanced threats proactively, and it detects and remediates endpoint issues fully automatically.
SentinelOne’s Behavioral AI engine monitors each system’s process, providing protection from the widest array of attack vectors. It also yields endpoint visibility, according to SentinelOne.
Within the Windows Defender ATP console, every device has its own rich machine timeline. The system stores event history for up to six months and can be searched and actioned instantaneously.
Customers can integrate with Windows Defender ATP and implement the service with just a few clicks. No additional infrastructure is required.
It provides customers with a single integrated view of their endpoint security across platforms, according to Moti Gindi, General Manager for Windows Cyber Defense at Microsoft.
Once the integration is configured, new events from Linux and macOS devices will start surfacing into the Windows Defender ATP console.
SentinelOne’s solution integrates with Windows Defender ATP to monitor Linux and Mac endpoints’ activity, and it applies machine learning to detect attacks dynamically in real-time.