SentinelOne is a next-gen endpoint security solution. The product replaces our existing Windows Defender anti-virus solution with an advanced AI based agent that monitors for security threats. The evolution in anti-virus space has moved away from traditional signature based scanning to an AI based approach where the agent is always learning and looking for execution of scripts, monitoring new and malicious processes, discovering new services being installed, actively scanning memory for program execution being hijacked and discovering changes to the local file system.
Next-Gen endpoint security solutions are based on modern and proactive approaches. They preempt and predict threats in a number of ways. By evaluating all activity on an endpoint, both in the kernel and in user space, these tools keep a close eye on anything that looks suspicious. Machine learning processes are proficient at predicting where an attack will occur making next-gen tools more robust at detection and remediation of viruses, malware and other kinds of attacks early in the process.
SentinelOne platform is based on a patented technology that uses pre-execution static AI technology coupled with on-execution behavioral AI technology that detects anomalous actions in real time, including fileless attacks, exploits, bad macros, evil scripts, cryptominers, ransomware and other attacks. The protection is delivered in milliseconds to shutdown attacks and reducing dwell time to near zero, SentinelOne response features include alert, kill, quarantine, remediate unwanted changes, Windows rollback to recover data, network containment, remote shell and more.
SentinelOne and Crowdstrike are considered to be the two leading next-gen security solutions on the market. SentinelOne is superior to Crowdstrike and has outperformed it in recent, independent evaluations. See this detailed comparison page of SentinelOne vs CrowdStrike.